Описание
An email address enumeration vulnerability exists in the password reset function of Rocket.Chat through 3.7.1.
An email address enumeration vulnerability exists in the password reset function of Rocket.Chat through 3.7.1.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-28208
- https://trovent.github.io/security-advisories/TRSA-2010-01/TRSA-2010-01.txt
- https://trovent.io/security-advisory-2010-01
- http://packetstormsecurity.com/files/160845/Rocket.Chat-3.7.1-Email-Address-Enumeration.html
- http://seclists.org/fulldisclosure/2021/Jan/32
- http://seclists.org/fulldisclosure/2021/Jan/43
- http://www.openwall.com/lists/oss-security/2021/01/07/1
- http://www.openwall.com/lists/oss-security/2021/01/08/1
- http://www.openwall.com/lists/oss-security/2021/01/13/1
Связанные уязвимости
CVSS3: 5.3
nvd
около 5 лет назад
An email address enumeration vulnerability exists in the password reset function of Rocket.Chat through 3.9.1.