CVE-2023-5968
Password hash in response body after username update
Mattermost fails to properly sanitize the user object when updating the username, resulting in the password hash being included in the response body.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Affected products
Mattermost · MattermostWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://mattermost.com/security-updates