Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-2791

Disclosure Date: June 16, 2023 (last updated February 25, 2025)
When creating a playbook run via the /dialog API, Mattermost fails to validate all parameters, allowing an authenticated attacker to edit an arbitrary channel post.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0