Описание
Mattermost fails to invalidate existing authorization codes when deauthorizing an OAuth2 app, allowing an attacker possessing an authorization code to generate an access token.
Mattermost fails to invalidate existing authorization codes when deauthorizing an OAuth2 app, allowing an attacker possessing an authorization code to generate an access token.
Связанные уязвимости
CVSS3: 6.5
nvd
около 2 лет назад
Mattermost fails to invalidate existing authorization codes when deauthorizing an OAuth2 app, allowing an attacker possessing an authorization code to generate an access token.
CVSS3: 6.5
debian
около 2 лет назад
Mattermost fails to invalidate existing authorization codes when deaut ...