CVE-2023-3590
published 2023-07-17CVE-2023-3590: Mattermost fails to delete card attachments in Boards, allowing an attacker to access deleted attachments.
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
Mattermost fails to delete card attachments in Boards, allowing an attacker to access deleted attachments.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mattermost | mattermost | <= 7.10.2 | — |
| mattermost | mattermost_server | >= 7.10.0 < 7.10.3 | 7.10.3 |