CVE-2023-2791

Publication date

2023-06-16 08:59:16

Family

Mattermost

State

PUBLISHED

Description

When creating a playbook run via the /dialog API, Mattermost fails to validate all parameters, allowing an authenticated attacker to edit an arbitrary channel post.