Количество 3
Количество 3
CVE-2024-1952
Mattermost version 8.1.x before 8.1.9 fails to sanitize data associated with permalinks when a plugin updates an ephemeral post, allowing an authenticated attacker who can control the ephemeral post update to access individual posts' contents in channels they are not a member of.
CVE-2024-1952
Mattermost version 8.1.x before 8.1.9 fails to sanitize data associate ...
GHSA-r4fm-g65h-cr54
Mattermost incorrectly allows access individual posts
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-1952 Mattermost version 8.1.x before 8.1.9 fails to sanitize data associated with permalinks when a plugin updates an ephemeral post, allowing an authenticated attacker who can control the ephemeral post update to access individual posts' contents in channels they are not a member of. | CVSS3: 3.1 | 0% Низкий | почти 2 года назад |
| CVE-2024-1952 Mattermost version 8.1.x before 8.1.9 fails to sanitize data associate ... | CVSS3: 3.1 | 0% Низкий | почти 2 года назад |
| GHSA-r4fm-g65h-cr54 Mattermost incorrectly allows access individual posts | CVSS3: 3.1 | 0% Низкий | почти 2 года назад |
Уязвимостей на страницу