CVE-2024-36241

Summary

CVE-2024-36241 is a vulnerability affecting Mattermost versions 9.5.x up to 9.5.3, 9.6.x up to 9.6.1, and 8.1.x up to 8.1.12. This issue involves a failure to enforce proper access controls, which allows users to view arbitrary post contents through the /playbook add slash command. This could potentially expose sensitive information to unauthorized individuals. Organizations using these affected versions of Mattermost are strongly advised to update as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.