CVE-2026-22560

Sažetak

An open redirect vulnerability in Rocket.Chat versions prior to 8.4.0 allows users to be redirected to arbitrary URLs by manipulating parameters within a SAML endpoint.

Reference

https://github.com/RocketChat/Rocket.Chat/pull/38994
https://hackerone.com/reports/3418031

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

10-04-2026 - 17:17

Objavljeno

10-04-2026 - 17:17