VYPR
Unrated severityNVD Advisory· Published Sep 26, 2024· Updated Sep 26, 2024

Unauthorized access on archived channels via file links

CVE-2024-47145

Description

Mattermost versions 9.5.x <= 9.5.8 fail to properly authorize access to archived channels when viewing archived channels is disabled, which allows an attacker to view posts and files of archived channels via file links.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.