← Back to CVE List
CVE-2023-49874
Mattermost fails to check whether a user is a guest when updating the tasks of a private playbook run allowing a guest to update the tasks of a private playbook run if they know the run ID.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt