Vulnerability CVE-2023-6458
Published: 2023-12-06   Modified: 2023-12-14

Description:
Mattermost webapp fails to validate route parameters in/<TEAM_NAME>/channels/<CHANNEL_NAME> allowing an attacker to perform a client-side path traversal.

Type:

CWE-22

 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))

Affected software
Mattermost -> Mattermost server 

 References:
https://mattermost.com/security-updates
Copyright 2024, cxsecurity.com

 

Back to Top