CVE-2016-11074: Mattermost Server: Insufficient Password-Reset Link Invalidation

Severity: Critical

CVSS Score: 9.8

An issue was discovered in Mattermost Server before 3.0.0. A password-reset link could be reused.