CVE-2023-3591

Mattermost fails to invalidate previously generated password reset tokens when a new reset token was created. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt