CVE-2024-1887 Information

Description

Mattermost fails to check if compliance export is enabled when fetching posts of public channels allowing a user that is not a member of the public channel to fetch the posts which will not be audited in the compliance export. 

Reference

https://mattermost.com/security-updates