CVE-2024-5272 | Mattermost up to 8.1.12/9.5.3/9.6.1 Webhook custom_playbooks_playbook_run_updated access control

Inserito da Angelo Barbosa | Mag 26, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Mattermost up to 8.1.12/9.5.3/9.6.1. This issue affects the function custom_playbooks_playbook_run_updated of the component Webhook Handler. The manipulation leads to improper access controls.

The identification of this vulnerability is CVE-2024-5272. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-5272 | Mattermost up to 8.1.12/9.5.3/9.6.1 Webhook custom_playbooks_playbook_run_updated access control

Post correlati

CVE-2024-41911 | HP Poly Clariti Manager up to 10.10.2.2 cross site scripting

CVE-2024-30890 | ED01-CMS 1.0 categories.php cross site scripting

CVE-2024-26139 | OpenCTI up to 5.12.31 Edit access control (GHSA-qx4j-f4f2-vjw9)

CVE-2024-46706 | Linux Kernel up to 6.6.47/6.10.6 fsl_lpuart serial_ctrl.c information disclosure (8eb92cfca6c2/3ecf625d4acb/dc98d76a15bc)