CVE-2023-3591 | THREATINT

Description

Mattermost fails to invalidate previously generated password reset tokens when a new reset token was created.

Reserved 2023-07-10 | Published 2023-07-17 | Updated 2024-10-21 | Assigner Mattermost

MEDIUM: 4.8CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Default status

unaffected

Any version

affected

Any version

affected

Any version

affected

7.8.7

unaffected

7.9.5

unaffected

7.10.3

unaffected

SUBHASIS DATTA (claverrat) finder

Download JSON

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat

Subscribe to our newsletter to learn more about our work.