{"uuid": "8ea4b76d-eb8d-49b8-91a4-108c743324a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28325", "type": "seen", "source": "https://t.me/cibsecurity/63937", "content": "\u203c CVE-2023-28325 \u203c\n\nAn improper authorization vulnerability exists in Rocket.Chat <6.0 that could allow a hacker to manipulate the rid parameter and change the updateMessage method that only checks whether the user is allowed to edit message in the target room.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-12T02:26:28.000000Z"}