Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2023-27264

Disclosure Date: February 27, 2023 (last updated February 24, 2025)
A missing permissions check in Mattermost Playbooks in Mattermost allows an attacker to modify a playbook via the /plugins/playbooks/api/v0/playbooks/[playbookID] API.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-27263

Disclosure Date: February 27, 2023 (last updated February 24, 2025)
A missing permissions check in the /plugins/playbooks/api/v0/runs API in Mattermost allows an attacker to list and view playbooks belonging to a team they are not a member of.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0