CVE-2024-39837 Information

Description

Mattermost versions 9.9.x <= 9.9.0 9.5.x <= 9.5.6 fail to properly restrict channel creation which allows a malicious remote to create arbitrary channels when shared channels were enabled.

Reference

https://mattermost.com/security-updates