Mattermost · Mattermost · CVE-2025-30179
**Name of the Vulnerable Software and Affected Versions**
Mattermost versions 9.11.x through 9.11.8
Mattermost versions 10.3.x through 10.3.3
Mattermost versions 10.4.x through 10.4.2
**Description**
Certain search APIs do not enforce MFA, so an authenticated attacker can bypass MFA protections through user search, channel search, or team search queries.
**Recommendations**
For versions 9.11.x through 9.11.8, update to a version that enforces MFA on search APIs.
For versions 10.3.x through 10.3.3, update to a version that enforces MFA on search APIs.
For versions 10.4.x through 10.4.2, update to a version that enforces MFA on search APIs.