Vulnerabilities > CVE-2023-2515 - Incorrect Authorization vulnerability in Mattermost Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Mattermost fails to restrict a user with permissions to edit other users and to create personal access tokens from elevating their privileges to system admin