A response from our Security team:
A critical vulnerability targeting the Spring Java framework was recently disclosed. Mattermost would like to share a quick update that our services and products are NOT affected by the Spring4Shell security vulnerability also identified as CVE-2022-22965.