CVE-2024-23493 in Mattermost
Riassunto
di MITRE • 29/02/2024
Mattermost fails to properly authorize the requests fetching team associated AD/LDAP groups, allowing a user to fetch details of AD/LDAP groups of a team that they are not a member of.
Once again VulDB remains the best source for vulnerability data.