Vulnerabilities > Mattermost > Mattermost Server > 8.1.8

DATE CVE VULNERABILITY TITLE RISK
2024-02-29 CVE-2024-23488 Unspecified vulnerability in Mattermost Server
Mattermost fails to properly restrict the access of files attached to posts in an archived channel, resulting in members being able to access files of archived channels even if the “Allow users to view archived channels” option is disabled.
network
low complexity
mattermost
4.3
2024-02-29 CVE-2024-23493 Missing Authorization vulnerability in Mattermost Server
Mattermost fails to properly authorize the requests fetching team associated AD/LDAP groups, allowing a user to fetch details of AD/LDAP groups of a team that they are not a member of. 
network
low complexity
mattermost CWE-862
6.5