Podatność CVE-2023-6458


Publikacja: 2023-12-06   Modyfikacja: 2023-12-14

Opis:
Mattermost webapp fails to validate route parameters in/<TEAM_NAME>/channels/<CHANNEL_NAME> allowing an attacker to perform a client-side path traversal.

Typ:

CWE-22

(Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))

Affected software
Mattermost -> Mattermost server 

 Referencje:
https://mattermost.com/security-updates

Copyright 2024, cxsecurity.com

 

Back to Top