CVE-2024-21848
published 2024-04-05CVE-2024-21848: Improper Access Control in Mattermost Server versions 8.1.x before 8.1.11 allows an attacker that is in a channel with an active call to keep participating in…
low3.1CVSS 3.1
AVNACHPRLUINSUCLINAN
Improper Access Control in Mattermost Server versions 8.1.x before 8.1.11 allows an attacker that is in a channel with an active call to keep participating in the call even if they are removed from the channel
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | mattermost_mattermost_server_v8 | >= 0 < 8.1.11 | 8.1.11 |
| mattermost | mattermost | 8.1.0 – 8.1.10 | — |
| mattermost | mattermost_server | >= 8.1.0 < 8.1.11 | 8.1.11 |