2 matches found
CVE-2023-2797
Mattermost vulnerability CVE-2023-2797 arises from failure to sanitize code permalinks, enabling an attacker to preview code from private repositories when a crafted permalink is posted in a channel. Affected product: Mattermost (open source collaboration platform); vulnerable component/process: ...
CVE-2023-2797 Path traversal in GitHub plugin's code preview feature
Mattermost fails to sanitize code permalinks, allowing an attacker to preview code from private repositories by posting a specially crafted permalink on a channel...