CVE-2023-5331

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Oct 9, 2023

Updated: Oct 12, 2023

CWE ID 862

Summary

CVE-2023-5331 is a vulnerability affecting Mattermost, an open-source team communication software. The issue arises from the application's inability to adequately verify the file creator during draft post attachment. This weakness might allow unauthorized users to attach files to drafts, exposing sensitive information contained in those files. This vulnerability could potentially lead to data leakage within the organization using Mattermost. It is crucial for users to apply the necessary patches or updates to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s4IClm
https://www.cve.org/CVERecord?id=CVE-2023-5331
https://nvd.nist.gov/vuln/detail/CVE-2023-5331

Back to Vulnerability Database

CVE-2023-5331

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations