Lucene search
K

5 matches found

redhatcve
redhatcve
added 2025/05/23 5:4 a.m.9 views

CVE-2023-1775

When running in a High Availability configuration, Mattermost fails to sanitize some of the userupdated and postdeleted events broadcast to all users, leading to disclosure of sensitive information to some of the users with currently connected Websocket clients...

6.5CVSS6.4AI score0.00546EPSS
Exploits0References1
cve
cve
added 2023/03/31 11:26 a.m.57 views

CVE-2023-1775

Summary: CVE-2023-1775 affects Mattermost Server in High Availability mode, where sanitization failures on certain user_updated and post_deleted events can disclose sensitive information to connected WebSocket clients. This results in an information disclosure vulnerability without confirmed expl...

6.5CVSS5.2AI score0.00546EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2023/03/31 11:26 a.m.29 views

CVE-2023-1775 Unsanitized events sent over Websocket to regular users in a High Availability environment

When running in a High Availability configuration, Mattermost fails to sanitize some of the userupdated and postdeleted events broadcast to all users, leading to disclosure of sensitive information to some of the users with currently connected Websocket clients...

4.3CVSS6.5AI score0.00546EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2023/03/31 11:26 a.m.9 views

CVE-2023-1775 Unsanitized events sent over Websocket to regular users in a High Availability environment

When running in a High Availability configuration, Mattermost fails to sanitize some of the userupdated and postdeleted events broadcast to all users, leading to disclosure of sensitive information to some of the users with currently connected Websocket clients...

4.3CVSS6.4AI score0.00546EPSS
Exploits0References1
osv
osv
added 2023/03/31 11:26 a.m.17 views

CVE-2023-1775 Unsanitized events sent over Websocket to regular users in a High Availability environment

When running in a High Availability configuration, Mattermost fails to sanitize some of the userupdated and postdeleted events broadcast to all users, leading to disclosure of sensitive information to some of the users with currently connected Websocket clients...

4.3CVSS6.6AI score0.00546EPSS
Exploits0References3
Rows per page
Query Builder