CVE Published: 09/08/2021 |
CVE Updated: 03/08/2024 |
CVE Year: 2021 Source: hackerone |
Vendor: n/a |
Product: Rocket.Chat server Status : PUBLISHED
CVE-2021-22910 Description
A sanitization vulnerability exists in Rocket.Chat server versions <3.13.2, <3.12.4, <3.11.4 that allowed queries to an endpoint which could result in a NoSQL injection, potentially leading to RCE.