2020-06-19 16:49:54
mitre
PUBLISHED
An issue was discovered in Mattermost Server before 5.1. An attacker can bypass intended access control (for direct-message channel creation) via the Message slash command.