Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2023-6202

Опубликовано: 27 нояб. 2023
Источник: debian
EPSS Низкий

Описание

Mattermost fails to perform proper authorization in the /plugins/focalboard/api/v2/users endpoint allowing an attacker who is a guest user and knows the ID of another user to get their information (e.g. name, surname, nickname) via Mattermost Boards.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
mattermost-serveritppackage

EPSS

Процентиль: 46%
0.00231
Низкий

Связанные уязвимости

nvd логотип

CVE-2023-6202

CVSS3: 4.3
nvd
около 2 лет назад

Mattermost fails to perform proper authorization in the /plugins/focalboard/api/v2/users endpoint allowing an attacker who is a guest user and knows the ID of another user to get their information (e.g. name, surname, nickname) via Mattermost Boards.

github логотип

GHSA-85jj-c9jr-9jhx

CVSS3: 4.3
github
около 2 лет назад

Mattermost Improper Access Control vulnerability

EPSS

Процентиль: 46%
0.00231
Низкий