Mattermost vulnerable to information disclosure
Discription

When running in a High Availability configuration, Mattermost fails to sanitize some of the `user_updated` and` post_deleted` events broadcast to all users, leading to disclosure of sensitive information to some of the users with currently connected Websocket clients.

[Issue Identifier](https://mattermost.com/security-updates/): MMSA-2023-00138Read More

Back to Main

Subscribe for the latest news: