CVE-2019-20875

Name of the Vulnerable Software and Affected Versions Mattermost Server versions prior to 5.9.0 Mattermost Server versions prior to 5.8.1 Mattermost Server versions prior to 5.7.3 Mattermost Server versions prior to 4.10.8

Description The issue allows a password reset to proceed while an e-mail address is being changed.

Recommendations For versions prior to 5.9.0, update to version 5.9.0 or later. For versions prior to 5.8.1, update to version 5.8.1 or later. For versions prior to 5.7.3, update to version 5.7.3 or later. For versions prior to 4.10.8, update to version 4.10.8 or later.