CVE-2023-50333
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Published Jan 2, 2024
Updated: Jan 8, 2024
CWE ID 284
Summary
CVE-2023-50333: Mattermost fails to update session permissions when a user is demoted to guest status, so a freshly demoted guest can still modify group names. This vulnerability could lead to unauthorized changes in group settings. Organizations using Mattermost are advised to apply the necessary patch to mitigate this issue.