CVE-2022-32211 – A SQL injection vulnerability exists in Rocket.Chat <v3.18.6, <v4.4.4 and <v4.7.3 …

Vuln ID: CVE-2022-32211

Published:  2022-09-23  19:15:11Z

Description: A SQL injection vulnerability exists in Rocket.Chat <v3.18.6, <v4.4.4 and <v4.7.3 which can allow an attacker to retrieve a reset password token through or a 2fa secret.

Source: NVD.NIST.GOV