Mattermost fails to check whether the  “Allow users to view archived channels”  setting is enabled during permalink previews display, allowing members to view permalink previews of archived channels even if the “Allow users to view archived channels” setting is disabled. 
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Mattermost

Published: 2023-11-27T09:11:13.283Z

Updated: 2024-08-02T19:52:11.105Z

Reserved: 2023-11-22T11:37:35.971Z

Link: CVE-2023-43754

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-11-27T10:15:07.657

Modified: 2024-11-21T08:24:43.240

Link: CVE-2023-43754

cve-icon Redhat

No data.