6 matches found
CVE-2023-5193
Mattermost fails to properly check permissions when retrieving a post allowing for a System Role with the permission to manage channels to read the posts of a DM conversation...
Mattermost Server < 7.8.10 / 8.0.x < 8.0.2 / 8.1.0 Multiple Vulnerabilities (MMSA-2023-00222) (MMSA-2023-00224) (MMSA-2023-00230)
The version of Mattermost Server running on the remote host is prior to 7.8.10, 8.0.x prior to 8.0.2, or 8.1.0. It is, therefore, affected by multiple vulnerabilities: - Mattermost fails to properly check permissions when retrieving a post allowing for a System Role with the permission to manage...
CVE-2023-5193
Mattermost fails to properly check permissions when retrieving a post allowing for a System Role with the permission to manage channels to read the posts of a DM conversation...
CVE-2023-5193 System Role with manage posts permission can read posts of Direct Messages
Mattermost fails to properly check permissions when retrieving a post allowing for a System Role with the permission to manage channels to read the posts of a DM conversation...
CVE-2023-5193 System Role with manage posts permission can read posts of Direct Messages
Mattermost fails to properly check permissions when retrieving a post allowing for a System Role with the permission to manage channels to read the posts of a DM conversation...
CVE-2023-5193
Mattermost CVE-2023-5193 describes a permissions flaw where a System Role with the permission to manage channels can read posts in direct messages due to improper permission checks. The issue has been associated with Mattermost Server versions prior to 7.8.10, 8.0.x prior to 8.0.2, and 8.1.0 (per...