Page 6 of 26 results (0.006 seconds)
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0
CVE-2024-23493 – Team associated AD/LDAP Groups Leaked due to missing authorization
https://notcve.org/view.php?id=CVE-2024-23493
Mattermost fails to properly authorize the requests fetching team associated AD/LDAP groups, allowing a user to fetch details of AD/LDAP groups of a team that they are not a member of. Mattermost no autoriza adecuadamente las solicitudes que buscan grupos AD/LDAP asociados al equipo, lo que permite a un usuario obtener detalles de los grupos AD/LDAP de un equipo del que no es miembro. • https://mattermost.com/security-updates • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •