5 matches found
CVE-2023-6459 vulnerabilities
Vulnerabilities for packages: mattermost-fips...
CVE-2023-6459
Mattermost is grouping calls in the /metrics endpoint by id and reports that id in the response. Since this id is the channelID, the public /metrics endpoint is revealing channelIDs...
CVE-2023-6459 Public endpoint /metrics of Calls plugin reveals channel IDs
Mattermost is grouping calls in the /metrics endpoint by id and reports that id in the response. Since this id is the channelID, the public /metrics endpoint is revealing channelIDs...
CVE-2023-6459
Mattermost CVE-2023-6459 affects the /metrics endpoint. The vulnerability arises because calls are grouped by id and report that id in the response, where id corresponds to channelID, causing the public /metrics endpoint to disclose channelIDs. The available connected records (BIT-MATTERMOST-2023...
CVE-2023-6459 Public endpoint /metrics of Calls plugin reveals channel IDs
Mattermost is grouping calls in the /metrics endpoint by id and reports that id in the response. Since this id is the channelID, the public /metrics endpoint is revealing channelIDs...