CVE-2023-3613
LOW3.5EPSS 0.16%Published: 3/6/2024Modified: 4/3/2025
Description
Mattermost WelcomeBot plugin fails to to validate the membership status when inviting or adding users to channels allowing guest accounts to be added or invited to channels by default.
Affected packages (1)
- Bitnami/mattermostfrom 0, < 7.8.6, >= 7.9.0, < 7.10.3
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | LOW3.5 | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N |