CVE-2017-18883: Mattermost Server has low entropy for authorization data as an OAuth 2.0 Service Provider

Severity: Critical

CVSS Score: 9.1

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2, when serving as an OAuth 2.0 Service Provider. There is low entropy for authorization data.