CGA-cq5p-922f-8wjg

Published

Last updated

https://images.chainguard.dev/security/CGA-cq5p-922f-8wjg

Package

mattermost-9

Latest Update

Not affected

Aliases

CVE-2023-6458
GHSA-7664-hcp7-f497

Severity

7.1

High

CVSS V3

Summary

Mattermost Injection vulnerability

Description

Mattermost webapp fails to validate route parameters in/<TEAM_NAME>/channels/<CHANNEL_NAME> allowing an attacker to perform a client-side path traversal.

References

https://nvd.nist.gov/vuln/detail/CVE-2023-6458
https://github.com/advisories/GHSA-7664-hcp7-f497
https://github.com/mattermost/mattermost
https://mattermost.com/security-updates

Updates

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CGA-cq5p-922f-8wjg

Severity

Summary

Description

References

Updates

Product

Why Chainguard

Customers

Company

Resources