CVE-2023-27264

A missing permissions check in Mattermost Playbooks in Mattermost allows an attacker to modify a playbook via the /plugins/playbooks/api/v0/playbooks/playbookID API...

CVE-2023-27264 IDOR: Updating a playbook via the Playbooks API

A missing permissions check in Mattermost Playbooks in Mattermost allows an attacker to modify a playbook via the /plugins/playbooks/api/v0/playbooks/playbookID API...

CVE-2022-4019

The CVE-2022-4019 entry concerns the Mattermost Playbooks plugin. It describes a denial-of-service vulnerability where an authenticated user can crash the server by issuing multiple large requests to a Playbooks API endpoint. The underlying cause is not explicitly detailed beyond a lack of reques...