CVE-2024-40884

Опубликовано: 22 авг. 2024

Источник: debian

Описание

Mattermost versions 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 fail to properly enforce permissions which allows a team admin user without "Add Team Members" permission to disable the invite URL.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
mattermost-server	itp			package

Связанные уязвимости

CVE-2024-40884

CVSS3: 2.7

redhat

больше 1 года назад

Mattermost versions 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 fail to properly enforce permissions which allows a team admin user without "Add Team Members" permission to disable the invite URL.

CVE-2024-40884

CVSS3: 2.7

nvd

больше 1 года назад

Mattermost versions 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 fail to properly enforce permissions which allows a team admin user without "Add Team Members" permission to disable the invite URL.

GHSA-3j95-8g47-fpwh

CVSS3: 2.7

github

больше 1 года назад

Mattermost allows team admin user without "Add Team Members" permission to disable invite URL