Autore: Angelo Barbosa

A vulnerability classified as critical was found in Mattermost up to 7.8.12/8.1.3. Affected by this vulnerability is an unknown functionality of the component Username Icon Handler. The manipulation leads to improper access controls. This vulnerability is known as CVE-2023-47865. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected...

A vulnerability classified as critical has been found in Mattermost up to 7.8.12/8.1.3/9.0.1/9.1.0. Affected is an unknown function of the file /plugins/focalboard/api/v2/users. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2023-6202. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected...

A vulnerability was found in Mattermost up to 7.8.12/8.1.3/9.0.1/9.1.0. It has been rated as problematic. This issue affects some unknown processing of the file /oauth/{service}/mobile_login of the component Custom URL Scheme Handler. The manipulation of the argument redirect_to leads to open redirect. The identification of this vulnerability is CVE-2023-47168. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected...

A vulnerability was found in Mattermost up to 7.8.12/8.1.3. It has been declared as problematic. This vulnerability affects unknown code of the component Show Full Name Option Handler. The manipulation leads to information disclosure. This vulnerability was named CVE-2023-45223. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected...

A vulnerability was found in Mattermost up to 7.8.12/8.1.3/9.0.1/9.1.0. It has been classified as problematic. This affects an unknown part of the component Permalink Handler. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2023-43754. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected...