4 matches found
CVE-2024-21848
Improper Access Control in Mattermost Server versions 8.1.x before 8.1.11 allows an attacker that is in a channel with an active call to keep participating in the call even if they are removed from the channel...
CVE-2024-21848 Users maintain access to active call after being removed from a channel
Improper Access Control in Mattermost Server versions 8.1.x before 8.1.11 allows an attacker that is in a channel with an active call to keep participating in the call even if they are removed from the channel...
CVE-2024-21848
Mattermost Server 8.1.x is affected by CVE-2024-21848 due to an improper access control flaw. If an attacker is in a channel with an active call, they can continue participating in the call even after being removed from the channel, up to versions before 8.1.11. Remediation is to upgrade to 8.1.1...
CVE-2024-21848 Users maintain access to active call after being removed from a channel
Improper Access Control in Mattermost Server versions 8.1.x before 8.1.11 allows an attacker that is in a channel with an active call to keep participating in the call even if they are removed from the channel...