CVE-2024-1887

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Feb 29, 2024
CWE ID 284

Summary

CVE-2024-1887 is a vulnerability affecting Mattermost, an open-source collaboration platform. This issue arises due to Mattermost's failure to verify if compliance export is enabled before fetching posts from public channels. As a result, users who are not members of these public channels can access and view the posts without being recorded in compliance exports. This vulnerability could potentially lead to unintended disclosure of sensitive information, undermining the security and auditing capabilities of the platform.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share