CVE-2023-3613

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-3613

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-3613.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-3613

Aliases

BIT-mattermost-2023-3613

Published

2023-07-17T16:15:11.107Z

Modified

2026-02-13T02:38:06.016363Z

Severity

3.5 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

Mattermost WelcomeBot plugin fails to to validate the membership status when inviting or adding users to channels allowing guest accounts to be added or invited to channels by default.

References

https://mattermost.com/security-updates

Affected packages

Git / github.com/mattermost/mattermost-server

Affected ranges

Type: GIT
Repo: https://github.com/mattermost/mattermost-server
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

96a934a6969ca6294450bcc60fc8ea1371488521

Introduced

c4d8c1450ab2b9538bbc2690ca1ee865567a5888

Fixed

cf5279c4598f3d49396d21ab539413173a159cf5

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-3613.json"