Vulnerability CVE-2024-24776
Published: 2024-02-09

Description:
Mattermost fails to check the required permissions in the POST /api/v4/channels/stats/member_count API resulting in channel member counts being leaked to a user without permissions.

 References:
https://mattermost.com/security-updates
Copyright 2026, cxsecurity.com

 

Back to Top