CVE-2023-45316 | Mattermost up to 7.8.14/8.1.5/9.0.3/9.1.2/9.2.1 Telemetry Run ID path traversal

Posted by Angelo Barbosa | Dec 12, 2023 | CVE

A vulnerability classified as critical was found in Mattermost up to 7.8.14/8.1.5/9.0.3/9.1.2/9.2.1. Affected by this vulnerability is an unknown functionality of the file /plugins/playbooks/api/v0/telemetry/run/ of the component Telemetry Run ID Handler. The manipulation leads to path traversal.

This vulnerability is known as CVE-2023-45316. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-45316 | Mattermost up to 7.8.14/8.1.5/9.0.3/9.1.2/9.2.1 Telemetry Run ID path traversal

Related Posts

CVE-2024-46676 | Linux Kernel up to 6.10.7 pn533 nfc_start_poll divide by zero

CVE-2024-2784 | Plus Addons for Elementor Plugin up to 5.5.4 on WordPress Hover Card cross site scripting

CVE-2024-4140 | rjbs Email-MIME up to 1.953 Multipart MIME Message allocation of resources (Issue 66)

CVE-2024-49060 | Microsoft Azure Stack HCI 22H2/23H2 hard-coded credentials