Unrated severityNVD Advisory· Published May 27, 2021· Updated Aug 3, 2024
CVE-2021-22911
CVE-2021-22911
Description
A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Rocket.Chat/Rocket.Chat serverdescription
- Range: 3.11, 3.12, 3.13
Patches
Vulnerability mechanics
References
4- packetstormsecurity.com/files/162997/Rocket.Chat-3.12.1-NoSQL-Injection-Code-Execution.htmlmitrex_refsource_MISC
- packetstormsecurity.com/files/163419/Rocket.Chat-3.12.1-NoSQL-Injection-Code-Execution.htmlmitrex_refsource_MISC
- blog.sonarsource.com/nosql-injections-in-rocket-chatmitrex_refsource_MISC
- hackerone.com/reports/1130721mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.