Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to administrator account takeover
rocket.chat rocket.chat