CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Mattermost: >> Mattermost >> 7.8.4 Security Vulnerabilities

CVE-2023-2788

Mattermost fails to check if an admin user account active after an oauth2 flow is started, allowing an attacker with admin privileges to retain persistent access to Mattermost by obtaining an oauth2 access token while the attacker's account is deactivated.

CVSS Score

6.2

EPSS Score

0.001

Published

2023-06-16

Page 4

Vulnerabilities

Vulnerable Software

Mattermost: >> Mattermost >> 7.8.4 Security Vulnerabilities

Products

Pricing

Contact Us