CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-3587

Mattermost fails to properly show information in the UI, allowing a system admin to modify a board state allowing any user with a valid sharing link to join the board with editor access, without the UI showing the updated permissions.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 19.1%

CVSS Severity

CVSS v3 Score 2.7

References

Products affected by CVE-2023-3587

Mattermost » Mattermost Server » Version: 7.10.0

cpe:2.3:a:mattermost:mattermost_server:7.10.0
Mattermost » Mattermost Server » Version: 7.10.1

cpe:2.3:a:mattermost:mattermost_server:7.10.1
Mattermost » Mattermost Server » Version: 7.10.2

cpe:2.3:a:mattermost:mattermost_server:7.10.2
Mattermost » Mattermost Server » Version: 7.8.0

cpe:2.3:a:mattermost:mattermost_server:7.8.0
Mattermost » Mattermost Server » Version: 7.8.1

cpe:2.3:a:mattermost:mattermost_server:7.8.1
Mattermost » Mattermost Server » Version: 7.8.2

cpe:2.3:a:mattermost:mattermost_server:7.8.2
Mattermost » Mattermost Server » Version: 7.8.3

cpe:2.3:a:mattermost:mattermost_server:7.8.3
Mattermost » Mattermost Server » Version: 7.8.4

cpe:2.3:a:mattermost:mattermost_server:7.8.4
Mattermost » Mattermost Server » Version: 7.8.5

cpe:2.3:a:mattermost:mattermost_server:7.8.5
Mattermost » Mattermost Server » Version: 7.8.6

cpe:2.3:a:mattermost:mattermost_server:7.8.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-3587

Products

Pricing

Contact Us