CVE-2023-2281 Information

Description

When archiving a team Mattermost fails to sanitize the related Websocket event sent to currently connected clients. This allows the clients to see the name display name description and other data about the archived team.

Reference

https://mattermost.com/security-updates/