Vulnerabilities > CVE-2024-24776 - Unspecified vulnerability in Mattermost Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
Mattermost fails to check the required permissions in the POST /api/v4/channels/stats/member_count API resulting in channel member counts being leaked to a user without permissions.