Mattermost fails to properly sanitize the user object when updating the username, resulting in the password hash being included in the response body.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mattermost mattermost |
||
mattermost mattermost 9.0.0 |