CSRF Vulnerability in Mattermost Version 2.10.0 and Earlier

CVE-2023-7114 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Mattermost version 2.10.0 and earlier fails to sanitize deeplink paths, which allows an attacker to perform CSRF attacks against the server.