Vulnerability CVE-2023-6458


Published: 2023-12-06   Modified: 2023-12-14

Description:
Mattermost webapp fails to validate route parameters in/<TEAM_NAME>/channels/<CHANNEL_NAME> allowing an attacker to perform a client-side path traversal.

Type:

CWE-22

(Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))

Affected software
Mattermost -> Mattermost server 

 References:
https://mattermost.com/security-updates

Copyright 2024, cxsecurity.com

 

Back to Top