3 matches found
CVE-2023-2791
When creating a playbook run via the /dialog API, Mattermost fails to validate all parameters, allowing an authenticated attacker to edit an arbitrary channel post...
CVE-2023-2791
CVE-2023-2791 concerns Mattermost where creating a playbook run via the "/dialog" API fails to validate all parameters. The underlying issue is a parameter validation weakness that lets an authenticated attacker edit an arbitrary channel post. Public sources in the connected documents consistentl...
CVE-2023-2791 Playbooks lets you edit arbitrary posts
When creating a playbook run via the /dialog API, Mattermost fails to validate all parameters, allowing an authenticated attacker to edit an arbitrary channel post...