Podatność CVE-2023-49874


Publikacja: 2023-12-12   Modyfikacja: 2023-12-14

Opis:
Mattermost fails to check whether a user is a guest when updating the tasks of a private playbook run allowing a guest to update the tasks of a private playbook run if they know the run ID.

Typ:

CWE-noinfo

Affected software
Mattermost -> Mattermost server 

 Referencje:
https://mattermost.com/security-updates

Copyright 2024, cxsecurity.com

 

Back to Top