CVE-2023-3615

Mattermost iOS app fails to properly validate the server certificate while initializing the TLS connection allowing a network attacker to intercept the WebSockets connection.

Credits

aapo (aapo)

References