2023-11-06 15:35:14
Mattermost
PUBLISHED
Mattermost fails to properly sanitize the user object when updating the username, resulting in the password hash being included in the response body.