CSV export/import functionality allows administrators to modify member and message content of a workspace
Slack
Team Summary
Official summary from Slack
On August 6th, 2022 @security-warrior submitted a report in HackerOne to Slack regarding the CSV export/import functionality primarily used by administrators to merge workspaces. The report centers on the ability of an administrator to modify an export to change user or message content. Upon consideration of the trusted role of Slack administrators and the functionality our customers gained by allowing CSV export/import in an editable format, we closed the report as Informative since the feature was working as designed. We thank @security-warrior for their report and wish them luck in their future bug hunting.
Reported by: security_warrior
Report Details
Additional information and metadata
State: Closed
Substate: Informative
Bounty: $250.00
Weakness: Privilege Escalation