CVE-2023-2281 — Sensitive Information Exposure in Mattermost

CWE-200 — Sensitive Information Exposure6 documents5 sources

Severity

4.3MEDIUMNVD

CNA3.1

EPSS

0.4%

top 37.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mattermost Mattermost Server

Timeline

PublishedApr 25

Latest updateMay 23

Description

When archiving a team, Mattermost fails to sanitize the related Websocket event sent to currently connected clients. This allows the clients to see the name, display name, description, and other data about the archived team.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5mattermost/mattermost< 7.9

▶NVDmattermost/mattermost_server< 7.9.0

🔴Vulnerability Details

CVEList

Archiving a team broadcasts unsanitized data over WebSockets↗2023-04-25

▶

GHSA

GHSA-7qh6-7gxc-2q62: When archiving a team, Mattermost fails to sanitize the related Websocket event sent to currently connected clients↗2023-04-25

▶

💥Exploits & PoCs

Exploit-DB

eScan Management Console 14.0.1400.2281 - Cross Site Scripting↗2023-05-23

▶

Exploit-DB

eScan Management Console 14.0.1400.2281 - SQL Injection (Authenticated)↗2023-05-23

▶

📋Vendor Advisories

Red Hat

mattermost-server: team data exposure during archival↗2023-04-25

▶