CVE-2024-1949 Information

Description

A race condition in Mattermost versions 8.1.x before 8.1.9 and 9.4.x before 9.4.2 allows an authenticated attacker to gain unauthorized access to individual posts’ contents via carefully timed post creation while another user deletes posts.

Reference

https://mattermost.com/security-updates