CVE-2023-3591 Information

Description

Mattermost fails to invalidate previously generated password reset tokens when a new reset token was created.

Reference

https://mattermost.com/security-updates