CVE-2023-47858

Mattermost fails to properly verify the permissions needed for viewing archived public channels,  allowing a member of one team to get details about the archived public channels of another team via the GET /api/v4/teams/<team-id>/channels/deleted endpoint. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt