Описание
Mattermost post fetching without auditing in compliance export
Mattermost fails to check if compliance export is enabled when fetching posts of public channels allowing a user that is not a member of the public channel to fetch the posts, which will not be audited in the compliance export.
Пакеты
github.com/mattermost/mattermost/server/v8
>= 9.3.0, < 9.3.1
9.3.1
github.com/mattermost/mattermost/server/v8
>= 9.2.0, < 9.2.5
9.2.5
github.com/mattermost/mattermost/server/v8
< 8.1.9
8.1.9
Связанные уязвимости
Mattermost fails to check if compliance export is enabled when fetching posts of public channels allowing a user that is not a member of the public channel to fetch the posts, which will not be audited in the compliance export.
Mattermost fails to check if compliance export is enabled when fetchin ...