Mattermost webapp fails to validate route parameters in/<TEAM_NAME>/channels/<CHANNEL_NAME> allowing an malicious user to perform a client-side path traversal.
mattermost mattermost server
Vulmon