Vulnerability in Mattermost WelcomeBot Plugin Allows Unauthorized Guest Account Access to Channels
CVE-2023-3613 · LOW Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Mattermost WelcomeBot plugin fails to to validate the membership status when inviting or adding users to channels allowing guest accounts to be added or invited to channels by default.
Learn more about our User Device Pen Test.