Garretby

**Name of the Vulnerable Software and Affected Versions** Rocket.chat versions prior to 5 **Description** A privilege escalation issue exists that allows any authenticated user to elevate privileges and view Direct messages without appropriate permissions. **Recommendations** For versions prior to 5, update to version 5 or later to resolve the issue. As a temporary workaround, consider restricting access to Direct messages until a patch is available.