Описание
Mattermost Improper Access Control vulnerability
Mattermost fails to check if hardened mode is enabled when overriding the username and/or the icon when posting a post. If settings allowed integrations to override the username and profile picture when posting, a member could also override the username and icon when making a post even if the Hardened Mode setting was enabled
Пакеты
github.com/mattermost/mattermost/server/v8
< 8.1.4
8.1.4
github.com/mattermost/mattermost-server/v6
< 7.8.13
7.8.13
Связанные уязвимости
Mattermost fails to check if hardened mode is enabled when overriding the username and/or the icon when posting a post. If settings allowed integrations to override the username and profile picture when posting, a member could also override the username and icon when making a post even if the Hardened Mode setting was enabled
Mattermost fails to check if hardened mode is enabled when overriding ...