all InfoSec News logo
all InfoSec News - Your InfoSec news aggregator
Log in Sign up
all InfoSec News

Lack of permission check when updating the profile picture of a remote user (...

Add to bookmarks
July 3, 2024, 8:29 a.m. |

CVE | THREATINT - NEW cve.threatint.com

Mattermost versions 9.5.x <= 9.5.5 and 9.8.0, when using shared channels with multiple remote servers connected, fail to check that the remote server A requesting the server B to update the profile...

check connected fail mattermost permission profile remote server server servers shared update updating using

Visit resource

More from cve.threatint.com / CVE | THREATINT - NEW

Evmos vulnerable to exploit of smart contract account and vestingEvmos is a d... 55 minutes ago | cve.threatint.com
account can contract cosmos +12
Malicious Matrix homeserver can leak truncated message content of messages it... an hour ago | cve.threatint.com
bridge can cve cve-2024 +13
Certifi removes GLOBALTRUST root certificateCertifi is a curated collection o... an hour ago | cve.threatint.com
certificates collection globaltrust hosts +7
Pi-hole Blind Server-Side Request Forgery (SSRF) vulnerability can lead to Re... an hour ago | cve.threatint.com
blind can client client-side +10
Fedify vulnerable to allowing access to internal network resourcesFedify is a... 2 hours ago | cve.threatint.com
access apps building federated +9
Traefik vulnerable to bypassing IP allow-lists via HTTP/3 early data requests... 2 hours ago | cve.threatint.com
balancer bypassing data http +10
Mastodon has improper authorship check on audience extension for existing pos... 2 hours ago | cve.threatint.com
attacker can check extension +5
unauthorized file accessUnauthorized file access in WEB Server in ABB ASPECT ... 2 hours ago | cve.threatint.com
abb access aspect attacker +10
Remote code executionImproper Input Validation vulnerability in ABB ASPECT-En... 2 hours ago | cve.threatint.com
abb aspect code enterprise +11

Jobs in InfoSec / Cybersecurity

Find Talent

Microsoft Active Directory Engineer - TS/SCI with Polygraph

@ General Dynamics Information Technology | USA VA Chantilly - 14700 Lee Rd (VAS100)
View on infosec-jobs.com

GSOC Analyst & Team Lead

@ Western Digital | Colorado Springs, CO, United States
View on infosec-jobs.com

FAIT Manager - IT Risk Assessment - Dublin

@ EY | Dublin 2, IE
View on infosec-jobs.com

FAIT Senior Manager - IT Risk Assessment - Dublin

@ EY | Dublin 2, IE
View on infosec-jobs.com

Engineer - Sailpoint IdentityNow I Remote, Bangalore

@ Optiv | Bengaluru
View on infosec-jobs.com

Security Sales Specialist

@ NTT DATA | Madrid, Spain
View on infosec-jobs.com