CVE-2024-50052

CVSS V2 None CVSS V3 None
Description
Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 fail to check that the origin of the message in an integration action matches with the original post metadata which allows an authenticated user to delete an arbitrary post.
Overview
  • CVE ID
  • CVE-2024-50052
  • Assigner
  • Mattermost
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-10-29T08:10:17.129Z
  • Last Modified Date
  • 2024-10-29T12:52:31.657Z
References
Reference URL Reference Tags
https://mattermost.com/security-updates
History
Created Old Value New Value Data Type Notes
2024-10-30 13:51:33 Added to TrackCVE