Unrated severityNVD Advisory· Published Jun 16, 2023· Updated Dec 6, 2024
Apps Framework allows install requests from regular members via an internal path
CVE-2023-2784
Description
Mattermost fails to verify if the requestor is a sysadmin or not, before allowing install requests to the Apps allowing a regular user send install requests to the Apps.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Mattermost/Mattermost App Frameworkv5Range: 0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.