Vulnerabilities > CVE-2023-5193 - Incorrect Authorization vulnerability in Mattermost
Attack vector
NETWORK Attack complexity
LOW Privileges required
HIGH Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
Mattermost fails to properly check permissions when retrieving a post allowing for a System Role with the permission to manage channels to read the posts of a DM conversation.