Security Vulnerability in 0.57.3, 0.58.3 and below
All users are advised to upgrade Rocket.Chat Server to 0.57.4, 0.58.4, 0.59.0 or greater.
Rocket.Chat Server version 0.58.3, 0.57.3 and prior versions are vulnerable to a NoSQL injection which can lead to an administrator account takeover.
Thank you to Steeve Barbeau for identifying and reporting the vulnerability. The details of the vulnerability will be shared in a future update.