CVE-2024-10241 Information

Description

Mattermost versions 9.5.x <= 9.5.9 fail to properly filter the channel data when ElasticSearch is enabled which allows a user to get private channel names by using cmd+K/ctrl+K.

Reference

https://mattermost.com/security-updates