Unknown · Mattermost · CVE-2022-1002
**Name of the Vulnerable Software and Affected Versions**
Mattermost versions 6.3.0 and earlier
**Description**
The issue arises from the failure to properly sanitize HTML content in email invitations sent to guest users. This allows registered users with special permissions to invite guest users and inject unescaped HTML content into the email invitations.
**Recommendations**
For Mattermost versions 6.3.0 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.