Medium severity4.3NVD Advisory· Published Jun 16, 2023· Updated Jun 17, 2026
CVE-2023-2783
CVE-2023-2783
Description
Mattermost Apps Framework fails to verify that a secret provided in the incoming webhook request allowing an attacker to modify the contents of the post sent by the Apps.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/mattermost/mattermost-server/v6Go | >= 7.10.0, < 7.10.1 | 7.10.1 |
github.com/mattermost/mattermost-server/v6Go | >= 7.9.0, < 7.9.4 | 7.9.4 |
github.com/mattermost/mattermost-server/v6Go | >= 6.0.0, < 7.8.5 | 7.8.5 |
github.com/mattermost/mattermost-server/v6Go | < 6.0.0-20230511130429-1629a6ca7fed | 6.0.0-20230511130429-1629a6ca7fed |
Affected products
2- Mattermost/Mattermost App Frameworkv5Range: 0
Patches
Vulnerability mechanics
References
3- github.com/advisories/GHSA-455c-vqrf-mghrghsaADVISORY
- mattermost.com/security-updatesnvdVendor AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2023-2783ghsaADVISORY
News mentions
0No linked articles in our index yet.