CVE-2018-21254

2020-06-19T17:15:00
ID CVE-2018-21254
Type cve
Reporter cve@mitre.org
Modified 2020-06-30T18:26:00

Description

An issue was discovered in Mattermost Server before 5.1. An attacker can bypass intended access control (for direct-message channel creation) via the Message slash command.