Missing Authorization

github.com/mattermost/mattermost is vulnerable to Missing Authorization. A remote authenticated attacker is able to gain access to arbitrary posts by using the message threads API because the library fails to check channel membership when accessing message threads, resulting in disclosure of sensitive information.Read More