Vulnerability Key Information Summary Vulnerability Overview: An open redirect vulnerability exists in Rocket.Chat. The endpoint includes a redirect query string value directly in the request header. Since this route is accessible without server-side validation, an attacker can leverage a legitimate Rocket.Chat domain to redirect users to arbitrary external websites. Impact Scope: The endpoint of Rocket.Chat. Fix: Upgrade the system to version v8.4.0. POC/Exploit Code: No specific POC code or exploit code block is included in the screenshot.