CVE-2023-47865 Information

Description

Mattermost fails to check if hardened mode is enabled when overriding the username and/or the icon when posting a post. If settings allowed integrations to override the username and profile picture when posting a member could also override the username and icon when making a post even if the Hardened Mode setting was enabled

Reference

https://mattermost.com/security-updates