Описание
Mattermost fails to invalidate existing authorization codes when deauthorizing an OAuth2 app, allowing an attacker possessing an authorization code to generate an access token.
Mattermost fails to invalidate existing authorization codes when deauthorizing an OAuth2 app, allowing an attacker possessing an authorization code to generate an access token.
Связанные уязвимости
CVSS3: 6.5
nvd
больше 2 лет назад
Mattermost fails to invalidate existing authorization codes when deauthorizing an OAuth2 app, allowing an attacker possessing an authorization code to generate an access token.
CVSS3: 6.5
debian
больше 2 лет назад
Mattermost fails to invalidate existing authorization codes when deaut ...