What the vulnerability does

01Description

A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE.

Key dates

02Disclosure timeline

May 27, 2021 CVE published
August 3, 2024 Record updated