• caglararli@hotmail.com
  • 05386281520

CVE-2024-29221 | Mattermost Server up to 8.1.10/9.3.2/9.4.3/9.5.1/9.6.0 Add Member /api/v4/users/me/teams access control

Çağlar Arlı      -    13 Views

CVE-2024-29221 | Mattermost Server up to 8.1.10/9.3.2/9.4.3/9.5.1/9.6.0 Add Member /api/v4/users/me/teams access control

A vulnerability has been found in Mattermost Server up to 8.1.10/9.3.2/9.4.3/9.5.1/9.6.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /api/v4/users/me/teams of the component Add Member Handler. The manipulation leads to improper access controls. This vulnerability is known as CVE-2024-29221. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.