Vulnerabilities > Mattermost > Mattermost Server > 8.1.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-29 | CVE-2024-23488 | Unspecified vulnerability in Mattermost Server Mattermost fails to properly restrict the access of files attached to posts in an archived channel, resulting in members being able to access files of archived channels even if the “Allow users to view archived channels” option is disabled. | 4.3 |
| 2024-02-29 | CVE-2024-23493 | Missing Authorization vulnerability in Mattermost Server Mattermost fails to properly authorize the requests fetching team associated AD/LDAP groups, allowing a user to fetch details of AD/LDAP groups of a team that they are not a member of. | 6.5 |