CVE-2023-47858 | Mattermost up to 8.1.6/9.0.4/9.1.3/9.2.2 Archived Public Channel deleted access control

Posted by Angelo Barbosa | Jan 2, 2024 | CVE

A vulnerability was found in Mattermost up to 8.1.6/9.0.4/9.1.3/9.2.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/v4/teams//channels/deleted of the component Archived Public Channel Handler. The manipulation leads to improper access controls.

This vulnerability is handled as CVE-2023-47858. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-47858 | Mattermost up to 8.1.6/9.0.4/9.1.3/9.2.2 Archived Public Channel deleted access control

Related Posts

CVE-2024-4783 | jQuery T Countdown Widget Plugin up to 2.3.25 on WordPress Shortcode tminus cross site scripting

CVE-2024-4370 | WPZOOM Addons for Elementor Plugin up to 1.1.36 on WordPress Image Box Widget cross site scripting

CVE-2024-3138 | francoisjacquet RosarioSIS 11.5.1 Add Portal Note cross site scripting

CVE-2024-5529 | WP QuickLaTeX Plugin up to 3.8.7 on WordPress Setting cross site scripting