Bharat

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 149.0.7827.53 **Description** An inappropriate implementation in Navigation allows a remote attacker to bypass navigation restrictions by using a crafted HTML page. **Recommendations** Update to version 149.0.7827.53 or later.

Name of the Vulnerable Software and Affected Versions: Firefox for iOS versions prior to 142 Description: Malicious scripts could bypass the popup blocker to spam new tabs, potentially resulting in denial of service attacks. Recommendations: Update Firefox for iOS to version 142 or later.

Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.11.x through 9.11.15 Mattermost versions 10.5.x through 10.5.5 Mattermost versions 10.6.x through 10.6.5 Mattermost versions 10.7.x through 10.7.2 Mattermost versions 10.8.x through 10.8.0 Description: The issue is related to the improper enforcement of channel member management permissions in playbook runs. This allows authenticated users without the 'Manage Channel Members' permission to add or remove users from public and private channels by manipulating playbook run participants when the run is linked to a channel. Recommendations: For Mattermost versions 9.11.x through 9.11.15, update to a version later than 9.11.15 to resolve the issue. For Mattermost versions 10.5.x through 10.5.5, update to a version later than 10.5.5 to resolve the issue. For Mattermost versions 10.6.x through 10.6.5, update to a version later than 10.6.5 to resolve the issue. For Mattermost versions 10.7.x through 10.7.2, update to a version later than 10.7.2 to resolve the issue. For Mattermost versions 10.8.x through 10.8.0, update to a version later than 10.8.0 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mattermost versions prior to 11.0 **Description** Mattermost fails to correctly implement the "Allow users to view archived channels" setting. This allows regular users to access content and files within archived channels through the "Open in Channel" feature when accessing followed threads. **Recommendations** Update to version 11.0 or later.

**Name of the Vulnerable Software and Affected Versions** Mattermost versions 9.5.x through 9.5.8 **Description** The issue allows an attacker to view posts and files of archived channels via file links when viewing archived channels is disabled, due to a failure to properly authorize access to archived channels. **Recommendations** For Mattermost versions 9.5.x through 9.5.8, consider disabling the viewing of archived channels or restricting access to file links of archived channels until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mattermost versions 9.8.x through 9.8.2 Mattermost versions 9.5.x through 9.5.7 Mattermost versions 9.9.x through 9.9.1 Mattermost version 9.10.0 **Description** The issue is related to a failure in enforcing permissions, which allows a guest user with read access to upload files to a channel. This can potentially lead to unauthorized data uploads. **Recommendations** For Mattermost versions 9.8.x through 9.8.2, update to a version later than 9.8.2 to resolve the issue. For Mattermost versions 9.5.x through 9.5.7, update to a version later than 9.5.7 to resolve the issue. For Mattermost versions 9.9.x through 9.9.1, update to a version later than 9.9.1 to resolve the issue. For Mattermost version 9.10.0, update to a version later than 9.10.0 to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.8.x through 9.8.2 Mattermost versions 9.5.x through 9.5.7 Mattermost versions 9.9.x through 9.9.1 Mattermost versions 9.10.x through 9.10.0 Description: The issue arises from the failure to restrict which roles can promote a user as a system admin. This allows a System Role with edit access to the permissions section of the system console to update their role to include the `manage system` permission, effectively becoming a System Admin. Recommendations: For Mattermost versions 9.8.x through 9.8.2, update to a version that includes the necessary restrictions on role promotion. For Mattermost versions 9.5.x through 9.5.7, update to a version that includes the necessary restrictions on role promotion. For Mattermost versions 9.9.x through 9.9.1, update to a version that includes the necessary restrictions on role promotion. For Mattermost versions 9.10.x through 9.10.0, update to a version that includes the necessary restrictions on role promotion. As a temporary workaround, consider restricting access to the system console's permissions section to prevent unauthorized role updates.

**Name of the Vulnerable Software and Affected Versions** Mattermost versions 9.8.x through 9.8.2 Mattermost versions 9.9.x through 9.9.1 Mattermost versions 9.5.x through 9.5.7 Mattermost versions 9.10.x through 9.10.0 **Description** The issue is related to the failure of Mattermost to properly enforce permissions, allowing a user with a systems manager role and read-only access to teams to perform write operations on teams. **Recommendations** For Mattermost versions 9.8.x through 9.8.2, update to a version later than 9.8.2 to resolve the issue. For Mattermost versions 9.9.x through 9.9.1, update to a version later than 9.9.1 to resolve the issue. For Mattermost versions 9.5.x through 9.5.7, update to a version later than 9.5.7 to resolve the issue. For Mattermost versions 9.10.x through 9.10.0, update to a version later than 9.10.0 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mattermost versions 8.1.x through 8.1.12 Mattermost versions 9.5.x through 9.5.3 Mattermost versions 9.6.x through 9.6.1 **Description** The issue is related to improper access control, allowing a guest to obtain metadata of a public playbook run linked to the channel they are a guest in. This is achieved by sending an RHSRuns GraphQL query request to the server. **Recommendations** For Mattermost versions 8.1.x through 8.1.12, update to a version that includes the fix for this issue. For Mattermost versions 9.5.x through 9.5.3, update to a version that includes the fix for this issue. For Mattermost versions 9.6.x through 9.6.1, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the RHSRuns GraphQL query endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Mattermost versions 8.1.x through 8.1.12 Mattermost versions 9.5.x through 9.5.3 Mattermost versions 9.6.x through 9.6.1 **Description** The issue is related to the "custom playbooks playbook run updated" webhook event, where guests on a channel with a linked playbook run can see all details of the playbook run when it is marked as finished, due to a failure to restrict the audience. **Recommendations** For Mattermost versions 8.1.x through 8.1.12, update to a version later than 8.1.12 to resolve the issue. For Mattermost versions 9.5.x through 9.5.3, update to a version later than 9.5.3 to resolve the issue. For Mattermost versions 9.6.x through 9.6.1, update to a version later than 9.6.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mattermost versions 8.1.x through 8.1.12 Mattermost versions 9.5.x through 9.5.3 Mattermost versions 9.6.x through 9.6.1 **Description** The issue is related to improper authorization checks. This allows a member running a playbook in an existing channel to be promoted to a channel admin. **Recommendations** For versions 8.1.x through 8.1.12, update to a version that includes the necessary authorization checks. For versions 9.5.x through 9.5.3, update to a version that includes the necessary authorization checks. For versions 9.6.x through 9.6.1, update to a version that includes the necessary authorization checks.

**Name of the Vulnerable Software and Affected Versions** Mattermost versions 8.1.x through 8.1.12 Mattermost versions 9.5.x through 9.5.3 Mattermost versions 9.6.x through 9.6.1 **Description** The issue is related to improper access controls for channel and team membership when linking a playbook run to a channel. This allows members to link their runs to private channels they were not members of. **Recommendations** For Mattermost versions 8.1.x through 8.1.12, update to a version later than 8.1.12 to resolve the issue. For Mattermost versions 9.5.x through 9.5.3, update to a version later than 9.5.3 to resolve the issue. For Mattermost versions 9.6.x through 9.6.1, update to a version later than 9.6.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mattermost versions 8.1.x through 8.1.11 Mattermost versions 9.5.x through 9.5.2 Mattermost version 9.6.0 **Description** The issue allows an attacker authenticated as a team admin to promote guests to team admins via crafted HTTP requests due to a failure to fully validate role changes. **Recommendations** For Mattermost versions 8.1.x through 8.1.11, update to version 8.1.12 or later. For Mattermost versions 9.5.x through 9.5.2, update to version 9.5.3 or later. For Mattermost version 9.6.0, consider restricting the role change functionality until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Mattermost versions prior to v8.1.9 **Description** The issue is related to inadequate access control in Mattermost, allowing remote attackers to gain unauthorized access to files in archived channels. Specifically, members can access files attached to posts in archived channels even when the "Allow users to view archived channels" option is disabled. **Recommendations** For versions prior to v8.1.9, update to version v8.1.9 or later to resolve the issue. As a temporary workaround, consider restricting access to archived channels and their attached files until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Mattermost (affected versions not specified) **Description** The issue allows a simple user to still access and download the attachment of a deleted message in a thread because Mattermost fails to delete the attachments when deleting a message. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mattermost (affected versions not specified) **Description** Mattermost fails to delete card attachments in Boards, allowing an attacker to access deleted attachments. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** JetBrains Hub versions prior to 2021.1.13690 **Description** The issue allows for information disclosure via avatar metadata. **Recommendations** For versions prior to 2021.1.13690, update to version 2021.1.13690 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** JetBrains Hub versions prior to 2021.1.13690 **Description** The authentication throttling mechanism in JetBrains Hub could be bypassed, allowing potential unauthorized access. **Recommendations** For versions prior to 2021.1.13690, update to version 2021.1.13690 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** JetBrains Hub versions prior to 2021.1.13690 **Description** The issue concerns stored XSS, which is possible in the affected software. **Recommendations** For versions prior to 2021.1.13690, update to version 2021.1.13690 or later to resolve the issue.