A vulnerability was found in Mattermost up to 9.5.7/9.8.2/9.9.1/9.10.0/9.11.0. It has been classified as problematic. Affected is an unknown function of the component User Management Page. The manipulation leads to cross-site request forgery.

This vulnerability is traded as CVE-2024-40886. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.