API Security Blog

Missing Authorization

github.com/mattermost/mattermost-server is vulnerable to Missing Authorization. The vulnerability exists because the library fails to validate all parameters, allowing an authenticated attacker to edit arbitrary posts on the channel through the `/dialog` API.
