CVE-2023-6458 | Mattermost up to 7.8.13/8.1.4/9.0.2/9.1.1 Route in//channels/ allowing injection

Posted by Angelo Barbosa | Dec 6, 2023 | CVE

A vulnerability was found in Mattermost up to 7.8.13/8.1.4/9.0.2/9.1.1. It has been classified as problematic. Affected is an unknown function of the file in//channels/ allowing of the component Route Handler. The manipulation leads to injection.

This vulnerability is traded as CVE-2023-6458. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-6458 | Mattermost up to 7.8.13/8.1.4/9.0.2/9.1.1 Route in//channels/ allowing injection

Related Posts

CVE-2023-47254 | DrayTek Vigor167 5.2.2 CLI os command injection (SYSS-2023-023)

CVE-2023-38299 | AT&T/Nokia Devices information disclosure

CVE-2024-24331 | Totolink A3300R 17.0.0cu.557_B20221024 setWiFiScheduleCfg enable command injection

CVE-2024-40642 | netty-incubator-codec-ohttp up to 0.0.12 HTTP Protocol readRequestHead server-side request forgery (GHSA-q8f2-hxq5-cp4h)