CVE-2023-50333
published 2024-01-02CVE-2023-50333: Mattermost fails to update the permissions of the current session for a user who was just demoted to guest, allowing freshly demoted guests to change group…
medium4.3CVSS 3.1
AVNACLPRLUINSUCNILAN
Mattermost fails to update the permissions of the current session for a user who was just demoted to guest, allowing freshly demoted guests to change group names.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | mattermost_mattermost_server_v8 | >= 0 < 8.1.7 | 8.1.7 |
| mattermost | mattermost | <= 9.2.2 | — |
| mattermost | mattermost_server | < 8.1.7 | 8.1.7 |