Lucene search
PRIOn knowledge basePRION:CVE-2023-2787HistoryJun 16, 2023 - 9:15 a.m.
Code injection
2023-06-1609:15:00
PRIOn knowledge base
www.prio-n.com
6
mattermost
code injection
channel membership
message threads api
arbitrary posts
security vulnerability
0.001 Low
EPSS
Percentile
25.9%
Mattermost fails to check channel membership when accessing message threads, allowing an attacker to access arbitrary posts by using the message threads API.
| CPE | Name | Operator | Version |
|---|---|---|---|
| mattermost | ge | 7.9.0 | |
| mattermost | le | 7.9.3 | |
| mattermost | ge | 7.8.0 | |
| mattermost | le | 7.8.4 | |
| mattermost | ge | 7.1.0 | |
| mattermost | le | 7.1.9 | |
| mattermost | eq | 7.10.0 |
References
Related
veracode
veracode
Missing Authorization
2023-06-28 05:48:05
osv
osv
CVE-2023-2787
2023-06-16 09:15:09
cve
cve
CVE-2023-2787
2023-06-16 09:15:09
cvelist
cvelist
nvd
nvd
CVE-2023-2787
2023-06-16 09:15:09