3 matches found
CVE-2024-36492
creationtimestamp| type| source ---|---|--- 2024-08-01 17:56:03+00:00| seen| https://t.me/cvedetector/2245...
CVE-2024-36492 Existing local user overwritten by malicious remote
Mattermost versions 9.9.x = 9.9.0, 9.5.x = 9.5.6, 9.7.x = 9.7.5, 9.8.x = 9.8.1 fail to disallow the modification of local users when syncing users in shared channels. which allows a malicious remote to overwrite an existing local user...
CVE-2024-36492 Existing local user overwritten by malicious remote
Mattermost versions 9.9.x = 9.9.0, 9.5.x = 9.5.6, 9.7.x = 9.7.5, 9.8.x = 9.8.1 fail to disallow the modification of local users when syncing users in shared channels. which allows a malicious remote to overwrite an existing local user...