CVE-2023-4107

Опубликовано: 11 авг. 2023

Источник: debian

Описание

Mattermost fails to properly validate the requesting user permissions when updating a system admin, allowing a user manager to update a system admin's details such as email, first name and last name.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
mattermost-server	itp			package

Связанные уязвимости

CVE-2023-4107

CVSS3: 6.7

nvd

около 2 лет назад

Mattermost fails to properly validate the requesting user permissions when updating a system admin, allowing a user manager to update a system admin's details such as email, first name and last name.

GHSA-6xjj-v76v-fwpj

CVSS3: 6.7

github

около 2 лет назад

Mattermost does not validate requesting user permissions before updating admin details