CVE-2023-28318 - AskarLabs CVE Database

CVE-2023-28318

Vendor N/A

Product Rocket.Chat

Weakness CWE-285

Published May 9, 2023

Last update January 28, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A vulnerability has been discovered in Rocket.Chat, where messages can be hidden regardless of the Message_KeepHistory or Message_ShowDeletedStatus server configuration. This allows users to bypass the intended message deletion behavior, hiding messages and deletion notices.

Key dates

02Disclosure timeline

May 9, 2023 CVE published

January 28, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-28318

Related vulnerabilities

04Related CVE

CVE-2024-3269 Download Monitor <= 4.9.13 - Missing Authorization CVE-2024-12347 Guangzhou Huayi Intelligent Technology Jeewms Druid Monitoring Interface index.html improper authorization CVE-2022-30730 CVE-2023-21454 CVE-2025-10819 fuyang_lipengjun platform queryAll UserCouponController improper authorization