[Bug] Multiline in Inline bug

RocketChat / Rocket.Chat

The communications platform that puts data protection first.

https://rocket.chat/

Other

40.41k stars 10.51k forks source link

Open TvdBrink opened 6 years ago

TvdBrink commented 6 years ago

When sending an Multiline header in the Inline header it generates a random string of characters. Similair to: #11495

Send the following characters in a chat:

````

I don't know what should happen, but in my opinion it should just send 6 ` chars to the receiver(s). It looks like an injection vulnerability.

fliptrail commented 5 years ago

Can be closed. It has been solved in further Rocket.Chat updates