CVE-2019-20844

Name of the Vulnerable Software and Affected Versions Mattermost Server versions prior to 5.18.0 Mattermost Server version 5.17.2 Mattermost Server version 5.16.4 Mattermost Server version 5.15.4 Mattermost Server version 5.9.7

Description An issue was discovered in Mattermost Server where an attacker can spoof a direct-message channel by changing the type of a channel.

Recommendations For versions prior to 5.18.0, update to version 5.18.0 or later. For version 5.17.2, update to version 5.18.0 or later. For version 5.16.4, update to version 5.18.0 or later. For version 5.15.4, update to version 5.18.0 or later. For version 5.9.7, update to version 5.18.0 or later.