Mattermost: >> Mattermost Server >> 7.10.2 Security Vulnerabilities
Mattermost fails to properly show information in the UI, allowing a system admin to modify a board state allowing any user with a valid sharing link to join the board with editor access, without the UI showing the updated permissions.
CVSS Score
2.7
EPSS Score
0.001
Published
2023-07-17
MattermostĀ fails to delete card attachments in Boards, allowing an attacker to access deleted attachments.
CVSS Score
3.1
EPSS Score
0.003
Published
2023-07-17
Mattermost fails to invalidate previously generated password reset tokens when a new reset token was created.
CVSS Score
4.8
EPSS Score
0.002
Published
2023-07-17
Page 4