[github.com/mattermost/mattermost-server] Mattermost vulnerable to cross-site scripting (XSS)

Boards in Mattermost allows an attacker to upload a malicious SVG image file as an attachment to a card and share it using a direct link to the file.

Issue Identifier: MMSA-2023-00139

References

• https://nvd.nist.gov/vuln/detail/CVE-2023-1776
• https://mattermost.com/security-updates/
• https://github.com/advisories/GHSA-63f2-6959-2pxj