CVE-2017-18904
Mattermost Server prior to 4.0.0, 3.10.2, and 3.9.2 is vulnerable to XSS via an uploaded file. The issue is documented across multiple feeds (NVD, Red Hat, SUSE, OSV, GHSA) with the same basic description: uploaded-file handling allows cross-site scripting. No explicit remediation version is stat...