Mattermost · Mattermost Desktop App · CVE-2026-6517
**Name of the Vulnerable Software and Affected Versions**
Mattermost Desktop App versions prior to 6.1
Mattermost Desktop App version 5.5.13.0
**Description**
The application fails to restrict the allow list of domains for NTLM credential forwarding. NTLM (NT LAN Manager) is a suite of security protocols used to authenticate users. On a server where the image proxy is disabled, this allows a user to intercept other users' credentials by embedding an image that routes to an external web server.
**Recommendations**
Update Mattermost Desktop App to a version later than 6.1.
Update Mattermost Desktop App to a version later than 5.5.13.0.
Enable the image proxy on the server to prevent the interception of credentials via embedded images.
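
The image proxy recommendation can be verified against a server's `config.json`. The check below is an added example, not code from Mattermost or from this advisory; it assumes the server's `ImageProxySettings` keys and their `MM_IMAGEPROXYSETTINGS_*` environment overrides, and both sample configurations are constructed.

```python
import json

KEYS = ("Enable", "ImageProxyType", "RemoteImageProxyURL", "RemoteImageProxyOptions")

# Constructed sample settings, not taken from a real server.
WEAK = json.loads('{"ImageProxySettings": {"Enable": false, "ImageProxyType": "local"}}')
FIXED = json.loads('{"ImageProxySettings": {"Enable": true, "ImageProxyType": "local"}}')


def effective_image_proxy(config, env):
    """Apply MM_IMAGEPROXYSETTINGS_* overrides on top of the config.json values."""
    settings = dict(config.get("ImageProxySettings") or {})
    for key in KEYS:
        override = env.get("MM_IMAGEPROXYSETTINGS_" + key.upper())
        if override is None:
            continue
        if key == "Enable":
            # Assumption: boolean overrides are written as true/1/t.
            settings[key] = override.strip().lower() in ("true", "1", "t")
        else:
            settings[key] = override
    return settings


def audit_image_proxy(config, env=None):
    """Return findings; an empty list means embedded images go through the proxy."""
    s = effective_image_proxy(config, env or {})
    if s.get("Enable") is not True:
        return ["ImageProxySettings.Enable is not true: clients load embedded "
                "images directly from external hosts"]
    kind = s.get("ImageProxyType")
    if kind == "local":
        return []
    if kind != "atmos/camo":
        return [f"unrecognised ImageProxyType {kind!r}"]
    findings = []
    if not s.get("RemoteImageProxyURL"):
        findings.append("atmos/camo selected but RemoteImageProxyURL is empty")
    if not s.get("RemoteImageProxyOptions"):
        findings.append("atmos/camo selected but RemoteImageProxyOptions (shared key) is empty")
    return findings


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("fixed", FIXED)):
        print(name, audit_image_proxy(cfg) or "ok")
```

For a real server, pass the parsed `config.json` and the environment of the Mattermost process instead of the constructed samples.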