Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:58 a.m.10 views

CVE-2023-45316

Mattermost fails to validate if a relative path is passed in /plugins/playbooks/api/v0/telemetry/run/ as a telemetry run ID, allowing an attacker to use a path traversal payload that points to a different endpoint leading to a CSRF attack...

8.8CVSS6.9AI score0.00309EPSS
Exploits0References1
Circl
Circl
added 2024/01/02 10:7 a.m.6 views

CVE-2023-45316

creationtimestamp| type| source ---|---|--- 2024-01-02 10:07:00+00:00| seen| https://t.me/ctinow/161639 2025-05-24 10:44:59+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/17483...

8.8CVSS8.1AI score0.00309EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/12/12 8:23 a.m.16 views

CVE-2023-45316 Reflected client side path traversal leading to CSRF in Playbooks

Mattermost fails to validate if a relative path is passed in /plugins/playbooks/api/v0/telemetry/run/ as a telemetry run ID, allowing an attacker to use a path traversal payload that points to a different endpoint leading to a CSRF attack...

7.3CVSS8.9AI score0.00309EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/12/12 8:23 a.m.3 views

CVE-2023-45316 Reflected client side path traversal leading to CSRF in Playbooks

Mattermost fails to validate if a relative path is passed in /plugins/playbooks/api/v0/telemetry/run/ as a telemetry run ID, allowing an attacker to use a path traversal payload that points to a different endpoint leading to a CSRF attack...

7.3CVSS6.7AI score0.00309EPSS
Exploits0References1
CVE
CVE
added 2023/12/12 8:23 a.m.76 views

CVE-2023-45316

Mattermost is affected by a path traversal CSRF vulnerability in the Playbooks telemetry endpoint. The issue arises from insufficient validation of a relative path passed to /plugins/playbooks/api/v0/telemetry/run/, enabling an attacker to craft a path traversal payload that points to a different...

8.8CVSS7.9AI score0.00309EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder