296,213
Total vulnerabilities in the database
Mattermost versions 9.5.x <= 9.5.3, 9.7.x <= 9.7.1, 9.6.x <= 9.6.1, 8.1.x <= 8.1.12 fail to enforce proper access control which allows a user to run a slash command in a channel they are not a member of via linking a playbook run to that channel and running a slash command as a playbook task command.
| Software | From | Fixed in |
|---|---|---|
| mattermost / mattermost_server | 8.1.0 | 8.1.13 |
| mattermost / mattermost_server | 9.5.0 | 9.5.4 |
| mattermost / mattermost_server | 9.6.0 | 9.6.2 |
| mattermost / mattermost_server | 9.7.0 | 9.7.2 |