Mattermost fails to invalidate previously generated password reset tokens when a new reset token was created. CreditsSUBHASIS DATTA (claverrat)Referenceshttps://mattermost.com/security-updates
