Mattermost fails to check whether the “Allow users to view archived channels” setting is enabled during permalink previews display, allowing members to view permalink previews of archived channels even if the “Allow users to view archived channels” setting is disabled.
References
Link | Resource |
---|---|
https://mattermost.com/security-updates | Vendor Advisory |
https://mattermost.com/security-updates | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 08:24
Type | Values Removed | Values Added |
---|---|---|
References | () https://mattermost.com/security-updates - Vendor Advisory |
01 Dec 2023, 21:18
Type | Values Removed | Values Added |
---|---|---|
First Time |
Mattermost
Mattermost mattermost |
|
CWE | NVD-CWE-noinfo | |
References | () https://mattermost.com/security-updates - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.3 |
CPE | cpe:2.3:a:mattermost:mattermost:9.1.0:*:*:*:*:*:*:* cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:* |
27 Nov 2023, 10:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-27 10:15
Updated : 2024-11-21 08:24
NVD link : CVE-2023-43754
Mitre link : CVE-2023-43754
CVE.ORG link : CVE-2023-43754
JSON object : View
Products Affected
mattermost
- mattermost
CWE