Опубликовано: 09 фев. 2024
Источник: github
Github: Прошло ревью
CVSS4: 2.3
CVSS3: 3.1
Описание
Mattermost fails to check the required permissions
Mattermost fails to check the required permissions in the POST /api/v4/channels/stats/member_count API resulting in channel member counts being leaked to a user without permissions.
Пакеты
Наименование
github.com/mattermost/mattermost/server/v8
go
Затронутые версииВерсия исправления
< 8.1.8
8.1.8
Наименование
github.com/mattermost/mattermost/server/v8
go
Затронутые версииВерсия исправления
>= 9.0.0, < 9.3.0
9.3.0
Связанные уязвимости
CVSS3: 3.1
nvd
почти 2 года назад
Mattermost fails to check the required permissions in the POST /api/v4/channels/stats/member_count API resulting in channel member counts being leaked to a user without permissions.
CVSS3: 3.1
debian
почти 2 года назад
Mattermost fails to check the required permissions in thePOST /api/v4/ ...