Vulnerabilities > CVE-2023-49874 - Unspecified vulnerability in Mattermost Server

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
NONE
network
low complexity
mattermost

Summary

Mattermost fails to check whether a user is a guest when updating the tasks of a private playbook run allowing a guest to update the tasks of a private playbook run if they know the run ID.

Vulnerable Configurations

Part Description Count
Application
Mattermost
689