Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2024-43780

Disclosure Date: August 22, 2024 (last updated October 17, 2024)
Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.0, 9.8.x <= 9.8.2 fail to enforce permissions which allows a guest user with read access to upload files to a channel.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0