An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. An attacker could create fictive system-message posts via webhooks and slash commands, in the v3 or v4 REST API.
CPE | Name | Operator | Version |
---|---|---|---|
mattermost-server | eq | 4.2.0 | |
mattermost-server | eq | 4.2.0-rc4 |