CVE-2019-20887

Publication date

2020-06-19 16:39:39

Family

mitre

State

PUBLISHED

Description

An issue was discovered in Mattermost Server before 5.7.1, 5.6.4, 5.5.3, and 4.10.6. It does not honor flags API permissions when deciding whether a user can receive intra-team posts.