4 matches found
CVE-2023-27264
A missing permissions check in Mattermost Playbooks in Mattermost allows an attacker to modify a playbook via the /plugins/playbooks/api/v0/playbooks/playbookID API...
CVE-2023-27264 IDOR: Updating a playbook via the Playbooks API
A missing permissions check in Mattermost Playbooks in Mattermost allows an attacker to modify a playbook via the /plugins/playbooks/api/v0/playbooks/playbookID API...
CVE-2023-27264
CVE-2023-27264 describes a missing permissions check in Mattermost Playbooks that allows an attacker to modify a playbook via the /plugins/playbooks/api/v0/playbooks/[playbookID] API. Root cause appears to be insufficient authorization on the Playbooks update path. Affected product: Mattermost Pl...
CVE-2023-27264 IDOR: Updating a playbook via the Playbooks API
A missing permissions check in Mattermost Playbooks in Mattermost allows an attacker to modify a playbook via the /plugins/playbooks/api/v0/playbooks/playbookID API...