Description

An open redirect vulnerability in Rocket.Chat versions prior to 8.4.0 allows users to be redirected to arbitrary URLs by manipulating parameters within a SAML endpoint.

INFO

Published Date :

2026-04-10T17:00:11.746Z

Last Modified :

2026-04-10T17:00:11.746Z

Source :

hackerone
AFFECTED PRODUCTS

The following products are affected by CVE-2026-22560 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-22560.

URL Resource
https://github.com/RocketChat/Rocket.Chat/pull/38994 cve-icon cve-icon
https://hackerone.com/reports/3418031 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System