CVE-2023-47168 Information

Description

Mattermost fails to properly check a redirect URL parameter, allowing an open redirect when the user clicked "Back to Mattermost" after providing an invalid custom URL scheme in /oauth/{service}/mobile_login?redirect_to=

Reference

https://mattermost.com/security-updates
