github.com/mattermost/mattermost-server is vulnerable to Missing Authorization. The vulnerability exists because the library does not verify whether the requestor is a system admin or not before allowing install requests to the Apps, allowing regular users to send malicious install requests to the Apps through the `/install` API endpoint.Read More