CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-2791

When creating a playbook run via the /dialog API, Mattermost fails to validate all parameters, allowing an authenticated attacker to edit an arbitrary channel post.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.1%

CVSS Severity

CVSS v3 Score 4.3

References

Products affected by CVE-2023-2791

Mattermost » Mattermost » Version: 7.10.0

cpe:2.3:a:mattermost:mattermost:7.10.0
Mattermost » Mattermost » Version: 7.7.0

cpe:2.3:a:mattermost:mattermost:7.7.0
Mattermost » Mattermost » Version: 7.7.1

cpe:2.3:a:mattermost:mattermost:7.7.1
Mattermost » Mattermost » Version: 7.7.2

cpe:2.3:a:mattermost:mattermost:7.7.2
Mattermost » Mattermost » Version: 7.7.3

cpe:2.3:a:mattermost:mattermost:7.7.3
Mattermost » Mattermost » Version: 7.8.0

cpe:2.3:a:mattermost:mattermost:7.8.0
Mattermost » Mattermost » Version: 7.8.1

cpe:2.3:a:mattermost:mattermost:7.8.1
Mattermost » Mattermost » Version: 7.8.2

cpe:2.3:a:mattermost:mattermost:7.8.2
Mattermost » Mattermost » Version: 7.9.0

cpe:2.3:a:mattermost:mattermost:7.9.0
Mattermost » Mattermost » Version: 7.9.1

cpe:2.3:a:mattermost:mattermost:7.9.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-2791

Products

Pricing

Contact Us