CVE-2019-20883

An issue was discovered in Mattermost Server before 5.8.0, when Town Square is set to Read-Only. Users can pin or unpin a post. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt