CVE-2017-18890
CVE-2017-18890 affects Mattermost Server prior to 4.3.0, 4.2.1, and 4.1.2. An attacker can craft a UI button that, when pressed by a user, triggers an API request. The vulnerability description across Red Hat/SUSE/SUSCVE and OSV confirms the same behavior and impact. Remediation guidance in sourc...