Lack of privilege checking when processing a redaction in Conduit versions v0.6.0 and lower, allowing a local user to redact any message from users on the same server, given that they are able to send redaction events.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitLab
Published: 2024-06-25T13:02:10.915Z
Updated: 2024-06-25T15:28:32.390Z
Reserved: 2024-06-25T10:30:50.678Z
Link: CVE-2024-6302
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-06-25T13:15:51.313
Modified: 2024-06-25T18:50:42.040
Link: CVE-2024-6302
JSON object: View
Redhat Information
No data.
CWE