A missing permissions check in Mattermost Playbooks in Mattermost allows an attacker to modify a playbook via the /plugins/playbooks/api/v0/playbooks/[playbookID] API.Read More ...
Continue Reading27 февраля, 2023
Mattermost fails to honor the ShowEmailAddress setting when constructing a response to the /api/v4/users/me/teams API endpoint, allowing an attacker with team admin privileges to learn the team owner' ...
Continue Reading27 февраля, 2023
The configuration backend of the web-based management can be used by unauthenticated users, although only authenticated users should be able to use the API. The vulnerability allows an unauthenticated ...
Continue Reading27 февраля, 2023
Adopting [Zero Trust security]() for your enterprise is no longer a wish-list itemâitâs a business imperative. The workplace today extends to almost anywhere, anytime, from any device. Siloe ...
Continue Reading27 февраля, 2023
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
Continue Reading27 февраля, 2023
## Introduction Project Loom aims to bring "easy-to-use, high-throughput, lightweight concurrency" to the JRE. One feature introduced by Project Loom is virtual threads. In this blog post, we'll be ex ...
Continue Reading27 февраля, 2023
## Description ### Impact When cron jobs were misconfigured and therefore messages are not expired, the API would still return them while they were then hidden by the frontend code. ### Patches It is ...
Continue Reading27 февраля, 2023
An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It possesses an authentication mechanism; however, some features do not require any token or cookie in a request. The ...
Continue Reading27 февраля, 2023
Back to Main