all InfoSec News logo
all InfoSec News - Your InfoSec news aggregator
Log in Sign up
all InfoSec News

Creating posts with user-defined IDs permitted in CreatePost APIMattermost ve...

Add to bookmarks
July 3, 2024, 8:35 a.m. |

CVE | THREATINT - NEW cve.threatint.com

Mattermost versions 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2 and 9.5.x <= 9.5.5 fail to prevent users from specifying a RemoteId for their posts which allows an attacker to specify both a remoteId and...

attacker defined fail ids mattermost posts prevent

Visit resource

More from cve.threatint.com / CVE | THREATINT - NEW

Evmos vulnerable to exploit of smart contract account and vestingEvmos is a d... an hour ago | cve.threatint.com
account can contract cosmos +12
Malicious Matrix homeserver can leak truncated message content of messages it... an hour ago | cve.threatint.com
bridge can cve cve-2024 +13
Certifi removes GLOBALTRUST root certificateCertifi is a curated collection o... an hour ago | cve.threatint.com
certificates collection globaltrust hosts +7
Pi-hole Blind Server-Side Request Forgery (SSRF) vulnerability can lead to Re... an hour ago | cve.threatint.com
blind can client client-side +10
Fedify vulnerable to allowing access to internal network resourcesFedify is a... 2 hours ago | cve.threatint.com
access apps building federated +9
Traefik vulnerable to bypassing IP allow-lists via HTTP/3 early data requests... 2 hours ago | cve.threatint.com
balancer bypassing data http +10
Mastodon has improper authorship check on audience extension for existing pos... 2 hours ago | cve.threatint.com
attacker can check extension +5
unauthorized file accessUnauthorized file access in WEB Server in ABB ASPECT ... 2 hours ago | cve.threatint.com
abb access aspect attacker +10
Remote code executionImproper Input Validation vulnerability in ABB ASPECT-En... 2 hours ago | cve.threatint.com
abb aspect code enterprise +11

Jobs in InfoSec / Cybersecurity

Find Talent

Microsoft Active Directory Engineer - TS/SCI with Polygraph

@ General Dynamics Information Technology | USA VA Chantilly - 14700 Lee Rd (VAS100)
View on infosec-jobs.com

GSOC Analyst & Team Lead

@ Western Digital | Colorado Springs, CO, United States
View on infosec-jobs.com

FAIT Manager - IT Risk Assessment - Dublin

@ EY | Dublin 2, IE
View on infosec-jobs.com

FAIT Senior Manager - IT Risk Assessment - Dublin

@ EY | Dublin 2, IE
View on infosec-jobs.com

Engineer - Sailpoint IdentityNow I Remote, Bangalore

@ Optiv | Bengaluru
View on infosec-jobs.com

Security Sales Specialist

@ NTT DATA | Madrid, Spain
View on infosec-jobs.com