Jo Astoreca

**Name of the Vulnerable Software and Affected Versions** Mattermost (affected versions not specified) **Description** The issue is related to Mattermost's failure to sanitize post metadata during audit logging, resulting in the contents of permalinks being logged. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mattermost (affected versions not specified) **Description** The issue concerns the failure to redact sensitive information from audit logs. Specifically, it affects the user password during user creation and the user password hash in other operations. This occurs when the experimental audit logging configuration is enabled, as defined in the ExperimentalAuditSettings section of the configuration. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.