Security Advisory

CVE-2021-37864

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-01-18 16:52:19

Last updated 2024-12-06 23:11:16

Assigner Mattermost

State PUBLISHED

Description

Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived channels, which allows authenticated users to view contents of archived channels even when this is denied by system administrators by directly accessing the APIs.

← Browse all CVEs View on cve.org ↗