4 matches found
CVE-2023-5195
Mattermost fails to properly validate the permissions when soft deleting a team allowing a team member to soft delete other teams that they are not part of...
Mattermost Server < 7.8.10 / 8.0.x < 8.0.2 / 8.1.0 Multiple Vulnerabilities (MMSA-2023-00222) (MMSA-2023-00224) (MMSA-2023-00230)
The version of Mattermost Server running on the remote host is prior to 7.8.10, 8.0.x prior to 8.0.2, or 8.1.0. It is, therefore, affected by multiple vulnerabilities: - Mattermost fails to properly check permissions when retrieving a post allowing for a System Role with the permission to manage...
CVE-2023-5195 A team member can soft delete other teams that they are not part of
Mattermost fails to properly validate the permissions when soft deleting a team allowing a team member to soft delete other teams that they are not part of...
CVE-2023-5195
CVE-2023-5195 affects Mattermost Server. The issue arises from improper permission validation when soft deleting a team, which can allow a team member to soft delete other teams they are not part of. The provided documents identify the vulnerable component (Mattermost server) and the root cause (...