Unrated severityNVD Advisory· Published Apr 25, 2023· Updated Dec 6, 2024
Archiving a team broadcasts unsanitized data over WebSockets
CVE-2023-2281
Description
When archiving a team, Mattermost fails to sanitize the related Websocket event sent to currently connected clients. This allows the clients to see the name, display name, description, and other data about the archived team.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3(expand)+ 1 more
- (no CPE)
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.