Mattermost fails to properly check permissions when retrieving a post allowing forĀ a System Role with the permission to manage channels to read the posts of a DM conversation.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://mattermost.com/security-updates |
History
No history.
MITRE
Status: PUBLISHED
Assigner: Mattermost
Published: 2023-09-29T09:23:47.082Z
Updated: 2024-08-02T07:52:07.827Z
Reserved: 2023-09-26T08:44:07.420Z
Link: CVE-2023-5193
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-09-29T10:15:10.687
Modified: 2023-10-03T17:32:42.060
Link: CVE-2023-5193
Redhat
No data.