Sensitive Information Disclosure during Legacy Attachment Migration in Mattermost Server
CVE-2019-20855 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
An issue was discovered in Mattermost Server before 5.16.1, 5.15.2, 5.14.5, and 5.9.6. It allows attackers to obtain sensitive information (local files) during legacy attachment migration.
Learn more about our Cis Benchmark Audit For Server Software.