CVE-2023-47168 | Mattermost up to 7.8.12/8.1.3/9.0.1/9.1.0 Custom URL Scheme mobile_login redirect_to

Posted by Angelo Barbosa | Nov 27, 2023 | CVE

A vulnerability was found in Mattermost up to 7.8.12/8.1.3/9.0.1/9.1.0. It has been rated as problematic. This issue affects some unknown processing of the file /oauth/{service}/mobile_login of the component Custom URL Scheme Handler. The manipulation of the argument redirect_to leads to open redirect.

The identification of this vulnerability is CVE-2023-47168. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-47168 | Mattermost up to 7.8.12/8.1.3/9.0.1/9.1.0 Custom URL Scheme mobile_login redirect_to

Related Posts

CVE-2024-2077 | SourceCodester Simple Online Bidding System 1.0 index.php category_id sql injection

CVE-2024-2432 | Palo Alto GlobalProtect App up to 5.1.11/6.0.7/6.1.1/6.2.0 on Windows privileges management

CVE-2024-34817 | CRM Perks Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms Plugin cross-site request forgery

CVE-2024-41109 | Pimcore admin-ui-classic-bundle up to 1.3.9/1.4.5/1.5.1 /admin/index/statistics information disclosure