CVE-2019-20841

Name of the Vulnerable Software and Affected Versions Mattermost Server versions prior to 5.18.0 Mattermost Server version 5.17.2 Mattermost Server version 5.16.4 Mattermost Server version 5.15.4 Mattermost Server version 5.9.7

Description An issue in Mattermost Server allows CSRF to sometimes occur via a crafted web site, potentially leading to account takeover attacks.

Recommendations For versions prior to 5.18.0, update to version 5.18.0 or later. For version 5.17.2, update to version 5.18.0 or later. For version 5.16.4, update to version 5.18.0 or later. For version 5.15.4, update to version 5.18.0 or later. For version 5.9.7, update to version 5.18.0 or later.