Mattermost fails to properly restrict requests to localhost/intranet during the interactive dialog, which could allow an attacker to perform a limited blind SSRF.
{ "versions": [ { "introduced": "7.8.0" }, { "fixed": "7.8.7" }, { "introduced": "7.10.0" }, { "fixed": "7.10.3" } ] }
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-3577.json"