Lucene search
PRIOn knowledge basePRION:CVE-2023-4107HistoryAug 11, 2023 - 7:15 a.m.
Code injection
2023-08-1107:15:00
PRIOn knowledge base
www.prio-n.com
4
code injection
mattermost
user permissions validation
system admin
user manager
email
first name
last name
nvd
0.0005 Low
EPSS
Percentile
16.0%
Mattermost fails to properly validate the requesting user permissions when updating a system admin, allowing a user manager to update a system admin’s details such as email, first name and last name.
| CPE | Name | Operator | Version |
|---|---|---|---|
| mattermost | ge | 7.10.0 | |
| mattermost | lt | 7.10.4 | |
| mattermost | ge | 7.9.0 | |
| mattermost | lt | 7.9.6 | |
| mattermost | ge | 7.8.0 | |
| mattermost | lt | 7.8.8 |
References
Related
cve
cve
CVE-2023-4107
2023-08-11 07:15:09
osv
osv
CVE-2023-4107
2023-08-11 07:15:09
veracode
veracode
Incorrect Authorization
2023-08-15 02:55:13
cvelist
cvelist
nvd
nvd
CVE-2023-4107
2023-08-11 07:15:09
github
github
nessus
nessus