CVE-2023-48732

Mattermost fails to scope the WebSocket response around notified users to a each user separately resulting in the WebSocket broadcasting the information about who was notified about a post to everyo ...

Continue Reading
Mattermost notified all users in the channel when using WebSockets to respond individually

Mattermost fails to scope the WebSocket response around notified users to a each user separately resulting in the WebSocket broadcasting the information about who was notified about a post to everyo ...

Continue Reading
Mattermost notified all users in the channel when using WebSockets to respond individually

Mattermost fails to scope the WebSocket response around notified users to a each user separately resulting in the WebSocket broadcasting the information about who was notified about a post to everyo ...

Continue Reading
Mattermost notified all users in the channel when using WebSockets to respond individually

Mattermost fails to scope the WebSocket response around notified users to a each user separately resulting in the WebSocket broadcasting the information about who was notified about a post to everyo ...

Continue Reading
Mattermost notified all users in the channel when using WebSockets to respond individually

Mattermost fails to scope the WebSocket response around notified users to a each user separately resulting in the WebSocket broadcasting the information about who was notified about a post to everyo ...

Continue Reading
Cross-site WebSocket hijacking vulnerability in the Jenkins CLI

Jenkins has a built-in command line interface (CLI) to access Jenkins from a script or shell environment. Since Jenkins 2.217 and LTS 2.222.1, one of the ways to communicate with the CLI is through a ...

Continue Reading
Cross-site WebSocket hijacking vulnerability in the Jenkins CLI

Jenkins has a built-in command line interface (CLI) to access Jenkins from a script or shell environment. Since Jenkins 2.217 and LTS 2.222.1, one of the ways to communicate with the CLI is through a ...

Continue Reading
Cross-site WebSocket hijacking vulnerability in the Jenkins CLI

Jenkins has a built-in command line interface (CLI) to access Jenkins from a script or shell environment. Since Jenkins 2.217 and LTS 2.222.1, one of the ways to communicate with the CLI is through a ...

Continue Reading

Back to Main

Subscribe for the latest news: