Vulnerability CVE-2023-47858
Published: 2024-01-02

Description:
Mattermost fails to properly verify the permissions needed for viewing archived public channels,  allowing a member of one team to get details about the archived public channels of another team via the GET /api/v4/teams/<team-id>/channels/deleted endpoint.

 References:
https://mattermost.com/security-updates
Copyright 2026, cxsecurity.com

 

Back to Top