GHSA-GG42-MWR6-P82C Mattermost Server has intermittent Authorization bypass for resource-owners
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider. Resource-owner authorization can be intermittently bypassed, allowing account takeover...