An issue exists in Mattermost Server prior to 5.18.0. An attacker can send a user_typing WebSocket event to any channel.
mattermost mattermost server