CVE-2023-28318 Information

Description

A vulnerability has been discovered in Rocket.Chat where messages can be hidden regardless of the Message_KeepHistory or Message_ShowDeletedStatus server configuration. This allows users to bypass the intended message deletion behavior hiding messages and deletion notices.

Reference

https://hackerone.com/reports/1379451