2 matches found
CVE-2023-3582 Lack of channel membership check when linking a board to a channel
Mattermost fails to verify channel membership when linking a board to a channel allowing a low-privileged authenticated user to link a Board to a private channel they don't have access to,...
CVE-2023-3582
CVE-2023-3582 in Mattermost describes a failure to verify channel membership when linking a board to a channel. A low-privileged authenticated user can link a Board to a private channel they should not access, potentially exposing restricted content or altering channel-board associations. The ava...