Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-2193

Disclosure Date: April 20, 2023 (last updated February 24, 2025)
Mattermost fails to invalidate existing authorization codes when deauthorizing an OAuth2 app, allowing an attacker possessing an authorization code to generate an access token.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0