A link preview rendering issue in Rocket.Chat versions prior to 3.9 could lead to potential XSS attacks.
rocket.chat rocket.chat