CVE-2023-6458 – Client side path traversal due to lack of route parameters validation
https://notcve.org/view.php?id=CVE-2023-6458
Mattermost webapp fails to validate route parameters in/<TEAM_NAME>/channels/<CHANNEL_NAME> allowing an attacker to perform a client-side path traversal. La aplicación web Mattermost no puede validar los parámetros de ruta en//channels/, lo que permite a un atacante realizar un path traversal del lado del cliente. • https://mattermost.com/security-updates • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVE-2023-47168 – Open redirect in /oauth/<service>/mobile_login?redirect_to=
https://notcve.org/view.php?id=CVE-2023-47168
Mattermost fails to properly check a redirect URL parameter allowing for an open redirect was possible when the user clicked "Back to Mattermost" after providing a invalid custom url scheme in /oauth/{service}/mobile_login?redirect_to= Mattermost no verifica correctamente un parámetro de URL de redireccionamiento que permitía una redirección abierta cuando el usuario hizo clic en "Volver a Mattermost" después de proporcionar un esquema de URL personalizado no válido en /oauth/{service}/mobile_login?redirect_to= • https://mattermost.com/security-updates • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVE-2023-6202 – Insecure Direct Object Reference in /plugins/focalboard/ api/v2/users of Mattermost Boards
https://notcve.org/view.php?id=CVE-2023-6202
Mattermost fails to perform proper authorization in the /plugins/focalboard/api/v2/users endpoint allowing an attacker who is a guest user and knows the ID of another user to get their information (e.g. name, surname, nickname) via Mattermost Boards. Mattermost no realiza la autorización adecuada en el endpoint /plugins/focalboard/api/v2/users, lo que permite a un atacante que es un usuario invitado y conoce el ID de otro usuario obtener su información (por ejemplo, nombre, apellido, apodo) a través de Mattermost Boards. • https://mattermost.com/security-updates • CWE-284: Improper Access Control •
CVE-2023-43754 – Permalink previews displayed for posts in archived channels even if users are disallowed to view archived channels
https://notcve.org/view.php?id=CVE-2023-43754
Mattermost fails to check whether the “Allow users to view archived channels” setting is enabled during permalink previews display, allowing members to view permalink previews of archived channels even if the “Allow users to view archived channels” setting is disabled. Mattermost no verifica si la configuración "Permitir a los usuarios ver canales archivados" está habilitada durante la visualización de vistas previas de enlaces permanentes, lo que permite a los miembros ver vistas previas de enlaces permanentes de canales archivados incluso si la configuración "Permitir a los usuarios ver canales archivados" está deshabilitada. • https://mattermost.com/security-updates • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2023-48369 – Log Flooding due to specially crafted requests in different endpoints
https://notcve.org/view.php?id=CVE-2023-48369
Mattermost fails to limit the log size of server logs allowing an attacker sending specially crafted requests to different endpoints to potentially overflow the log. Mattermost no logra limitar el tamaño de los registros del servidor, lo que permite que un atacante envíe solicitudes especialmente manipuladas a diferentes endpoint para potencialmente desbordar el registro. • https://mattermost.com/security-updates • CWE-400: Uncontrolled Resource Consumption •