4 matches found
CVE-2023-5159
Mattermost fails to properly verify the permissions when managing/updating a bot allowing a User Manager role with user edit permissions to manage/update bots...
CVE-2023-5159 A User Manager role with user edit permissions could manage/update bots
Mattermost fails to properly verify the permissions when managing/updating a bot allowing a User Manager role with user edit permissions to manage/update bots...
CVE-2023-5159 A User Manager role with user edit permissions could manage/update bots
Mattermost fails to properly verify the permissions when managing/updating a bot allowing a User Manager role with user edit permissions to manage/update bots...
CVE-2023-5159
Mattermost (CVE-2023-5159) describes an improper permissions check when managing or updating a bot, allowing a User Manager with user-edit rights to manage/update bots. Affected component: bot permission verification logic; root cause: insufficient permission verification. Impact stated: privileg...