Custom crafted message object in Meteor.Call allows remote code execution and impersonation

Disclosed: 2021-10-11 17:20:44 By wreiske To rocket_chat

Critical

Vulnerability Details

No vulnerability description provided or it is restricted.

Actions

View on HackerOne

Report Stats

Report ID: 534887
State: Closed
Substate: resolved
Upvotes: 4

Share this report