Tag
Mattermost Legal Hold plugin versions 1.1.4 and earlier allow authenticated attackers to bypass authorization checks, enabling unauthorized access and modification of legal hold data via crafted API requests.