2 matches found
CVE-2024-36241
Mattermost versions 9.5.x = 9.5.3, 9.6.x = 9.6.1 and 8.1.x = 8.1.12 fail to enforce proper access controls which allows user to view arbitrary post contents via the /playbook add slash command...
CVE-2024-29215
Mattermost Server vulnerability CVE-2024-29215: Improper access control in slash commands linked to playbook tasks allows a user to run a slash command in a channel they are not a member of. Affected versions: Mattermost 9.5.x up to 9.5.3; 9.7.x up to 9.7.1; 9.6.x up to 9.6.1; 8.1.x up to 8.1.12....