Mattermost Jira Plugin handling subscriptions fails to check the security level of an incoming issue or limit it based on the user who created the subscription resulting in registered users on Jira being able to create webhooks that give them access to all Jira issues.
References
Link | Resource |
---|---|
https://mattermost.com/security-updates | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Mattermost
Published: 2024-02-09T14:46:58.777Z
Updated: 2024-02-09T14:46:58.777Z
Reserved: 2024-01-30T10:23:06.701Z
Link: CVE-2024-24774
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-02-09T15:15:08.343
Modified: 2024-02-15T18:43:22.673
Link: CVE-2024-24774
JSON object: View
Redhat Information
No data.
CWE