5 matches found
CVE-2023-47858
Mattermost fails to properly verify the permissions needed for viewing archived public channels, allowing a member of one team to get details about the archived public channels of another team via the GET /api/v4/teams//channels/deleted endpoint...
CVE-2023-47858 vulnerabilities
Vulnerabilities for packages: mattermost-fips...
CVE-2023-47858 Details of archived public channels are leaked to members of another team
Mattermost fails to properly verify the permissions needed for viewing archived public channels, allowing a member of one team to get details about the archived public channels of another team via the GET /api/v4/teams//channels/deleted endpoint...
CVE-2023-47858 Details of archived public channels are leaked to members of another team
Mattermost fails to properly verify the permissions needed for viewing archived public channels, allowing a member of one team to get details about the archived public channels of another team via the GET /api/v4/teams//channels/deleted endpoint...
CVE-2023-47858
Mattermost server vulnerability CVE-2023-47858: The issue arises from insufficient verification of permissions when viewing archived public channels via GET /api/v4/teams//channels/deleted, allowing a member of one team to retrieve details about archived channels of another team. The advisory dat...