CVE-2019-20882
Mattermost Server before 5.8.0 does not honor the domain requirement when processing a join request for an open/public team. Root cause: domain validation in the join flow is insufficient, enabling potential unauthorized joining of public teams (exploit described in CNVD/DOCs). Affected version r...