Rocket.Chat Desktop client fails to open browser on 3rd party external actions from PDF documents
Low
Rocket.Chat
Team Summary
Official summary from Rocket.Chat
A persistent Cross-Site Scripting (XSS) vulnerability has been identified in the Rocket.Chat Electron desktop application affecting 6.3.4 and older versions, which can be exploited through the upload and subsequent user interaction with files containing specially crafted links.
Reported by: itssixtynein
Report Details
Additional information and metadata
State: Closed
Substate: Resolved
Submitted
Weakness: Cleartext Transmission of Sensitive Information