Rocket.Chat · Rocket.Chat Server · CVE-2017-1000493
**Name of the Vulnerable Software and Affected Versions**
Rocket.Chat Server versions prior to 0.59
**Description**
The issue allows for a NoSQL injection, which can lead to the takeover of an administrator account.
**Recommendations**
For Rocket.Chat Server versions prior to 0.59, update to a version newer than 0.59 to resolve the issue.