Unknown · Rocket.Chat · CVE-2022-32211
**Name of the Vulnerable Software and Affected Versions**
Rocket.Chat versions prior to 3.18.6
Rocket.Chat versions prior to 4.4.4
Rocket.Chat versions prior to 4.7.3
**Description**
A SQL injection vulnerability exists that allows an attacker to retrieve a password reset token or a 2FA secret.
**Recommendations**
For versions prior to 3.18.6, update to version 3.18.6 or later.
For versions prior to 4.4.4, update to version 4.4.4 or later.
For versions prior to 4.7.3, update to version 4.7.3 or later.