Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Guest accounts invited and added to channels by Welcomebot plugin
Vulnerability Description
Mattermost WelcomeBot plugin fails to to validate the membership status when inviting or adding users to channels allowing guest accounts to be added or invited to channels by default.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
Vulnerability Type
授权机制不正确
Vulnerability Title
Mattermost 安全漏洞
Vulnerability Description
Mattermost是美国Mattermost公司的一个开源协作平台。 Mattermost WelcomeBot plugin存在安全漏洞,该漏洞源于该插件无法验证会员状态,允许将访客添加或邀请到频道。
CVSS Information
N/A
Vulnerability Type
N/A