Mikolajczak

**Name of the Vulnerable Software and Affected Versions** Rocket.Chat versions prior to 5 Rocket.Chat versions prior to 4.8.2 Rocket.Chat versions prior to 4.7.5 **Description** The issue concerns a cleartext transmission of sensitive information in Rocket.Chat, specifically relating to OAuth tokens. This could potentially lead to an OAuth token leak in the product, particularly for users with the permission "view-full-other-user-info". **Recommendations** For versions prior to 5, update to version 5 or later to resolve the issue. For versions prior to 4.8.2, update to version 4.8.2 or later to resolve the issue. For versions prior to 4.7.5, update to version 4.7.5 or later to resolve the issue.