CVE-2024-1949

Published: 2024-02-29T11:15Z

Last Modified: 2024-12-13T17:07Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

A race condition in Mattermost versions 8.1.x before 8.1.9, and 9.4.x before 9.4.2 allows an authenticated attacker to gain unauthorized access to individual posts' contents via carefully timed post creation while another user deletes posts. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt