CVE-2023-7114

Опубликовано: 29 дек. 2023

Источник: debian

Описание

Mattermost version 2.10.0 and earlier fails to sanitize deeplink paths, which allows an attacker to perform CSRF attacks against the server.

Пакет	Статус	Версия исправления	Релиз	Тип
mattermost-server	itp			package

CVE-2023-7114

CVSS3: 7.1

nvd

почти 2 года назад

Mattermost version 2.10.0 and earlier fails to sanitize deeplink paths, which allows an attacker to perform CSRF attacks against the server.

GHSA-22fj-xvpx-pqm9

CVSS3: 7.1

github

почти 2 года назад

Mattermost version 2.10.0 and earlier fails to sanitize deeplink paths, which allows an attacker to perform CSRF attacks against the server.