[github.com/mattermost/mattermost-server/v6] Mattermost vulnerable to information disclosure

When running in a High Availability configuration, Mattermost fails to sanitize some of the user_updated and post_deleted events broadcast to all users, leading to disclosure of sensitive information to some of the users with currently connected Websocket clients.

Issue Identifier: MMSA-2023-00138

References

• https://nvd.nist.gov/vuln/detail/CVE-2023-1775
• https://mattermost.com/security-updates/
• https://github.com/advisories/GHSA-8jhh-3jf2-pfwr