Описание
Mattermost Desktop App versions <=5.8.0 fail to specify an absolute path when searching the cmd.exe file, which allows a local attacker who is able to put an cmd.exe file in the Downloads folder of a user's machine to cause remote code execution on that machine.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| mattermost-desktop | itp | package |
EPSS
Процентиль: 76%
0.00989
Низкий
Связанные уязвимости
CVSS3: 5.3
nvd
больше 1 года назад
Mattermost Desktop App versions <=5.8.0 fail to specify an absolute path when searching the cmd.exe file, which allows a local attacker who is able to put an cmd.exe file in the Downloads folder of a user's machine to cause remote code execution on that machine.
CVSS3: 5.3
github
больше 1 года назад
Mattermost Desktop App Uncontrolled Search Path Vulnerability
EPSS
Процентиль: 76%
0.00989
Низкий