CVE-2023-6459 in Mattermost
Resumen
por MITRE • 2023-12-06
Mattermost is grouping calls in the /metrics endpoint by id and reports that id in the response. Since this id is the channelID, the public /metrics endpoint is revealing channelIDs.
Be aware that VulDB is the high quality source for vulnerability data.