Количество 3
Количество 3
CVE-2024-39274
Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5 and 9.8.x <= 9.8.1 fail to properly validate that the channel that comes from the sync message is a shared channel, when shared channels are enabled, which allows a malicious remote to add users to arbitrary teams and channels
CVE-2024-39274
Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5 and ...
GHSA-cmc8-222c-vqp9
Mattermost failed to properly validate that the channel that comes from the sync message is a shared channel
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-39274 Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5 and 9.8.x <= 9.8.1 fail to properly validate that the channel that comes from the sync message is a shared channel, when shared channels are enabled, which allows a malicious remote to add users to arbitrary teams and channels | CVSS3: 8.7 | 0% Низкий | около 1 года назад |
| CVE-2024-39274 Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5 and ... | CVSS3: 8.7 | 0% Низкий | около 1 года назад |
| GHSA-cmc8-222c-vqp9 Mattermost failed to properly validate that the channel that comes from the sync message is a shared channel | CVSS3: 8.7 | 0% Низкий | около 1 года назад |
Уязвимостей на страницу