4 matches found
CVE-2024-10241
Mattermost versions 9.5.x = 9.5.9 fail to properly filter the channel data when ElasticSearch is enabled which allows a user to get private channel names by using cmd+K/ctrl+K...
openSUSE Security Advisory (SUSE-SU-2024:3911-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-10241
Mattermost versions 9.5.x = 9.5.9 fail to properly filter the channel data when ElasticSearch is enabled which allows a user to get private channel names by using cmd+K/ctrl+K...
CVE-2024-10241
CVE-2024-10241 affects Mattermost 9.5.x up to 9.5.9 when ElasticSearch is enabled. The root cause is improper filtering of channel data, enabling a user to reveal private channel names by triggering the Ctrl/Cmd+K channel-switch UI. Impact is information disclosure of private channels; no other c...