Vulnerabilities > Mattermost > Mattermost > 7.0.2

DATE CVE VULNERABILITY TITLE RISK
2023-02-27 CVE-2023-27263 Missing Authorization vulnerability in Mattermost
A missing permissions check in the /plugins/playbooks/api/v0/runs API in Mattermost allows an attacker to list and view playbooks belonging to a team they are not a member of.
network
low complexity
mattermost CWE-862
6.5
6.5
2023-02-27 CVE-2023-27264 Missing Authorization vulnerability in Mattermost
A missing permissions check in Mattermost Playbooks in Mattermost allows an attacker to modify a playbook via the /plugins/playbooks/api/v0/playbooks/[playbookID] API.
network
low complexity
mattermost CWE-862
6.5
6.5