Mattermost versions 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 fail to enforce proper access controls which allows any authenticated user, including guests, to mark any channel inside any team as read for any user.
{ "versions": [ { "introduced": "9.5.0" }, { "fixed": "9.5.8" }, { "introduced": "9.10.0" }, { "fixed": "9.10.1" } ] }
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-43813.json"