6 matches found
CVE-2024-39807
Mattermost versions 9.5.x = 9.5.5 and 9.8.0 fail to properly sanitize the recipients of a webhook event which allows an attacker monitoring webhook events to retrieve the channel IDs of archived or restored channels...
Information Disclosure
github.com/mattermost/mattermost-server is vulnerable to Information Disclosure. The vulnerability is due to a failure to properly sanitize the recipients of a webhook event, allowing attackers monitoring webhook events to retrieve the channel IDs of archived or restored channels...
CVE-2024-39807
Mattermost versions 9.5.x = 9.5.5 and 9.8.0 fail to properly sanitize the recipients of a webhook event which allows an attacker monitoring webhook events to retrieve the channel IDs of archived or restored channels...
CVE-2024-39807 Channel IDs of archived/restored channels leaked via webhook events
Mattermost versions 9.5.x = 9.5.5 and 9.8.0 fail to properly sanitize the recipients of a webhook event which allows an attacker monitoring webhook events to retrieve the channel IDs of archived or restored channels...
PT-2024-28677 · Mattermost · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.5.x through 9.5.5 Mattermost version 9.8.0 Description: The issue arises from the improper sanitization of recipients of a webhook event, allowing an attacker who is monitoring these events to obtain the channel IDs of...
Mattermost Security Vulnerabilities
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost versions 9.5.x through 9.5.5 and 9.8.0, which stems from a failure to properly clean up the recipients of a webhook event, which allows an attacker to...