Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Users can view the contents of an archived channel when access is explicitly denied by the system admin
Vulnerability Description
Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived channels, which allows authenticated users to view contents of archived channels even when this is denied by system administrators by directly accessing the APIs.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
Vulnerability Type
访问控制不恰当
Vulnerability Title
Mattermost 安全漏洞
Vulnerability Description
Mattermost是美国Mattermost公司的一个开源协作平台。 Mattermost 6.1 及更早版本存在安全漏洞,该漏洞允许经过身份验证的用户查看存档频道的内容。
CVSS Information
N/A
Vulnerability Type
N/A