CVE-2023-7114

Опубликовано: 29 дек. 2023

Источник: debian

EPSS Низкий

Описание

Mattermost version 2.10.0 and earlier fails to sanitize deeplink paths, which allows an attacker to perform CSRF attacks against the server.

Пакет	Статус	Версия исправления	Релиз	Тип
mattermost-server	itp			package

EPSS

Процентиль: 52%

0.00286

Низкий

CVE-2023-7114

CVSS3: 7.1

nvd

почти 2 года назад

Mattermost version 2.10.0 and earlier fails to sanitize deeplink paths, which allows an attacker to perform CSRF attacks against the server.

GHSA-22fj-xvpx-pqm9

CVSS3: 7.1

github

почти 2 года назад

Mattermost version 2.10.0 and earlier fails to sanitize deeplink paths, which allows an attacker to perform CSRF attacks against the server.

EPSS

Процентиль: 52%

0.00286

Низкий