Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Incorrect authorization allows a user manager to update a system admin
Vulnerability Description
Mattermost fails to properly validate the requesting user permissions when updating a system admin, allowing a user manager to update a system admin's details such as email, first name and last name.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
Vulnerability Type
授权机制不正确
Vulnerability Title
Mattermost 安全漏洞
Vulnerability Description
Mattermost是美国Mattermost公司的一个开源协作平台。 Mattermost 存在安全漏洞,该漏洞源于更新系统管理员时未正确验证请求用户的权限,从而允许用户管理员更新系统管理员的详细信息,如电子邮件、名字和姓氏。
CVSS Information
N/A
Vulnerability Type
N/A