Mattermost: >> Mattermost Server >> 7.8.6 Security Vulnerabilities
Mattermost fails to invalidate previously generated password reset tokens when a new reset token was created.
CVSS Score
4.8
EPSS Score
0.003
Published
2023-07-17
When archiving a team, Mattermost fails to sanitize the related Websocket event sent to currently connected clients. This allows the clients to see the name, display name, description, and other data about the archived team.
CVSS Score
3.1
EPSS Score
0.005
Published
2023-04-25
Page 5