3 matches found
Mattermost Server < 7.8.10 / 8.x < 8.1.1 Incorrect Authorization (MMSA-2023-00223)
The version of Mattermost Server running on the remote host is prior to 7.8.10 or 8.x prior to 8.1.1. It is, therefore, affected by an incorrect authorization vulnerability. Mattermost fails to properly validate permissions when demoting and deactivating a user allowing for a system/user manager ...
CVE-2023-5194
Mattermost fails to properly validate permissions when demoting and deactivating a user allowing for a system/user manager to demote / deactivate another manager...
CVE-2023-5194
Mattermost contains an Incorrect Authorization vulnerability (CVE-2023-5194) where permissions are not properly validated when demoting and deactivating a user. This lets a system/user manager demote or deactivate another manager. Affected versions include Mattermost Server prior to 7.8.10 and 8....