Rocket.Chat Path Traversal

Click the icon to Follow me:- twitterTelegramRedditDiscord

Posted by Moe Szyslak on Dec 21

Rocket.Chat has fixed a server-side path traversal vulnerability that may
be abused to write files to attacker-controlled locations:

Exploitation of this vulnerability requires uploading attachments with
crafted names and requesting a data download.

No release of Rocket.Chat contains these fixes. Users should consider

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.


Original Source
Available for Amazon Prime