CVE-2024-39713

Summary

A Server-Side Request Forgery (SSRF) affects Rocket.Chat's Twilio webhook endpoint before version 6.10.1.

Affected Software

VendorProductVersion RangeStatus
Rocket.ChatRocket.Chat6.10.1 < 6.10.1affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References