Published: April 10, 2026 | Last Modified: April 10, 2026
An open redirect vulnerability in Rocket.Chat versions prior to 8.4.0 allows users to be redirected to arbitrary URLs by manipulating parameters within a SAML endpoint.
Exploitation Probability (EPSS): Low — 0.02% (4th percentile)
Low exploitation probability based on current threat landscape data. Standard patching timeline is appropriate.
This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.