An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5. It allows malicious users to obtain sensitive information (user statuses) via a REST API version 4 endpoint.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mattermost mattermost server |
||
mattermost mattermost server 4.2.0 |