CVE-2021-22911

Publication date

2021-05-27 11:14:39

Family

hackerone

State

PUBLISHED

Description

A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE.