Lucene search
China National Vulnerability DatabaseCNVD-2023-94484HistoryNov 30, 2023 - 12:00 a.m.
Mattermost Information Disclosure Vulnerability
2023-11-3000:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
mattermost
information disclosure
authorization
collaboration platform
vulnerability
user information
exploitation
guest user
user ids
mattermost boards
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an information disclosure vulnerability that stems from the inability to perform proper authorization in the /plugins/focalboard/api/v2/users endpoint, which can be exploited by an attacker to obtain information (e.g., names, nicknames) about other users via Mattermost Boards, as a guest user and with knowledge of their user IDs.
Related
nvd
nvd
CVE-2023-6202
2023-11-27 10:15:08
github
github
Mattermost Improper Access Control vulnerability
2023-11-27 12:30:55
veracode
veracode
Improper Access Control
2023-11-28 09:53:47
prion
prion
Authorization
2023-11-27 10:15:00
cvelist
cvelist
osv
osv
Mattermost Improper Access Control vulnerability
2023-11-27 12:30:55
CGA-pghq-vx89-mr76
2024-06-24 14:34:07
CVE-2023-6202
2023-11-27 10:15:08
cve
cve
CVE-2023-6202
2023-11-27 10:15:08
nessus
nessus