CVE-2018-21260

Name of the Vulnerable Software and Affected Versions Mattermost Server versions prior to 4.8.1 Mattermost Server versions prior to 4.7.4 Mattermost Server versions prior to 4.6.3

Description An issue was discovered in Mattermost Server where WebSocket events were accidentally sent during certain user-management operations, violating user privacy.

Recommendations For versions prior to 4.8.1, update to version 4.8.1 or later. For versions prior to 4.7.4, update to version 4.7.4 or later. For versions prior to 4.6.3, update to version 4.6.3 or later.