Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2024-40884

Disclosure Date: August 22, 2024 (last updated October 18, 2024)
Mattermost versions 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 fail to properly enforce permissions which allows a team admin user without "Add Team Members" permission to disable the invite URL.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0