CVE-2023-4108
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Summary
CVE-2023-4108 is a vulnerability affecting the Mattermost collaboration platform. The issue lies in Mattermost's audit logging function, which fails to sanitize post metadata. This oversight results in permalink contents being logged, potentially exposing sensitive information. An attacker could exploit this vulnerability by crafting specially formulated messages containing malicious links. The logged permalinks, if accessed, could lead to unintended consequences, such as data breaches or unauthorized access. It is recommended that Mattermost users upgrade to the latest version to address this vulnerability.
Affected Products
- Apache Tomcat
- Debian
Affected Vendors
- Apache Software Foundation
- Debian