CVE-2020-14458
Mattermost Server before 5.19.0 is affected. The issue allows attackers to discover private channels through the get channel by name API (MMSA-2020-0004), an information-disclosure vulnerability. Affected product is Mattermost Server; vulnerable component is the get channel by name API endpoint. ...