漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Unauthorized View Access to Site Statistics and Team Statistics
Vulnerability Description
Mattermost versions 9.11.x <= 9.11.8 fail to properly perform authorization of the Viewer role which allows an attacker with the Viewer role configured with No Access to Reporting to still view team and site statistics.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
授权机制不正确
Vulnerability Title
Mattermost 安全漏洞
Vulnerability Description
Mattermost是美国Mattermost公司的一个开源协作平台。 Mattermost 9.11.x版本至9.11.8之前版本存在安全漏洞,该漏洞源于对Viewer角色的授权不当,可能导致配置为无报告访问权限的Viewer角色攻击者仍能查看团队和站点统计信息。
CVSS Information
N/A
Vulnerability Type
N/A