QwikSec

Security Database

CVE

CWE

Training

CVE-2020-28208

Published: Jan 8, 2021

Modified: Aug 4, 2024

PUBLISHED

Description

An email address enumeration vulnerability exists in the password reset function of Rocket.Chat through 3.9.1.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://trovent.io/security-advisory-2010-01

x_refsource_MISC

[oss-security] 20210107 Trovent Security Advisory 2010-01 / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability

mailing-list

x_refsource_MLIST

http://packetstormsecurity.com/files/160845/Rocket.Chat-3.7.1-Email-Address-Enumeration.html

x_refsource_MISC

[oss-security] 20210108 Re: Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability

mailing-list

x_refsource_MLIST

https://trovent.github.io/security-advisories/TRSA-2010-01/TRSA-2010-01.txt

x_refsource_MISC

20210112 Re: Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability

mailing-list

x_refsource_FULLDISC

[oss-security] 20210113 Re: Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability

mailing-list

x_refsource_MLIST

20210119 Re: Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability

mailing-list

x_refsource_FULLDISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.