Mattermost 6.4.x and earlier fails to properly invalidate pending email invitations when the action is performed from the system console, which allows accidentally invited users to join the workspace and access information from the public teams and channels.
Metrics
Affected Vendors & Products
References
History
Fri, 06 Dec 2024 23:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: Mattermost
Published: 2022-04-19T20:26:27
Updated: 2024-12-06T23:09:33.235Z
Reserved: 2022-04-18T00:00:00
Link: CVE-2022-1385
Vulnrichment
Updated: 2024-08-03T00:03:06.033Z
NVD
Status : Modified
Published: 2022-04-19T21:15:14.103
Modified: 2024-11-21T06:40:37.390
Link: CVE-2022-1385
Redhat
No data.