Mattermost fails to sanitize ephemeral error messages, allowing an attacker to obtain arbitrary message contents by a specially crafted /groupmsg command. CreditsJuho NurminenReferenceshttps://mattermost.com/security-updates/
