An issue exists in Mattermost Server prior to 5.2 and 5.1.1. Authorization could be bypassed if the channel name were not the same in the params and the body.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mattermost mattermost server |
||
mattermost mattermost server 5.2.0 |