8 matches found
CVE-2023-5193
Mattermost fails to properly check permissions when retrieving a post allowing for a System Role with the permission to manage channels to read the posts of a DM conversation...
Mattermost Incorrect Authorization vulnerability
Mattermost fails to properly check permissions when retrieving a post allowing for a System Role with the permission to manage channels to read the posts of a DM conversation...
GHSA-H8WH-F7GW-FWPR Mattermost Incorrect Authorization vulnerability
Mattermost fails to properly check permissions when retrieving a post allowing for a System Role with the permission to manage channels to read the posts of a DM conversation...
CVE-2023-5193
Mattermost fails to properly check permissions when retrieving a post allowing for a System Role with the permission to manage channels to read the posts of a DM conversation...
CVE-2023-5193
Mattermost fails to properly check permissions when retrieving a post allowing for a System Role with the permission to manage channels to read the posts of a DM conversation...
Design/Logic Flaw
Mattermost fails to properly check permissions when retrieving a post allowing for a System Role with the permission to manage channels to read the posts of a DM conversation...
CVE-2023-5193 System Role with manage posts permission can read posts of Direct Messages
Mattermost fails to properly check permissions when retrieving a post allowing for a System Role with the permission to manage channels to read the posts of a DM conversation...
CVE-2023-5193
Mattermost CVE-2023-5193 describes a permissions flaw where a System Role with the permission to manage channels can read posts in direct messages due to improper permission checks. The issue has been associated with Mattermost Server versions prior to 7.8.10, 8.0.x prior to 8.0.2, and 8.1.0 (per...