Description

I found a security vulnerability in Rocket's latest android app by which I was able to remotely crash any user’s app instantly just by just sending a simple message in private or in channel. The vulnerability require the victim open the message.

Devices and Versions

Rocket.Chat.Android version: (e.g. 4.5.1)

Mobile device model and OS version: (tested on 👍 -- " Android 6.0, 8.0, 10.0"), probably any other android version

Steps to reproduce

Create new #test channel
Send POC Code onto the channel
Open Mobile App
App gets crashed

POC

Crafted code to crash mobile app

Message Preview

App Gets Crashed

Code Link

https://pastebin.com/raw/JEDcC5Yr

There is no such problem in iOS client and rocket web