Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2023-6202

Опубликовано: 27 нояб. 2023
Источник: debian

Описание

Mattermost fails to perform proper authorization in the /plugins/focalboard/api/v2/users endpoint allowing an attacker who is a guest user and knows the ID of another user to get their information (e.g. name, surname, nickname) via Mattermost Boards.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
mattermost-serveritppackage

Связанные уязвимости

nvd логотип

CVE-2023-6202

CVSS3: 4.3
nvd
почти 2 года назад

Mattermost fails to perform proper authorization in the /plugins/focalboard/api/v2/users endpoint allowing an attacker who is a guest user and knows the ID of another user to get their information (e.g. name, surname, nickname) via Mattermost Boards.

github логотип

GHSA-85jj-c9jr-9jhx

CVSS3: 4.3
github
почти 2 года назад

Mattermost Improper Access Control vulnerability