CVE-2017-18903

Name of the Vulnerable Software and Affected Versions: Mattermost Server versions prior to 4.0.0 Mattermost Server versions 3.10.2 and earlier Mattermost Server versions 3.9.2 and earlier

Description: An issue allows CSRF to occur if CORS is enabled.

Recommendations: For versions prior to 4.0.0, update to version 4.0.0 or later. For versions 3.10.2 and earlier, update to version 3.10.3 or later. For versions 3.9.2 and earlier, update to version 3.9.3 or later.