RocketChat Unauthenticated Email enumeration

Published on
10 Jan 2022
Vulnerability

Description

In the password reset function of the chat programme Rocket.Chat, there is an email address enumeration vulnerability. This flaw allows an unauthorised user to enumerate registered email addresses on a Rocket.Chat instance.

Recommendations

  • Update Rocket.Chat to the latest version