Rohitesh Gupta

**Name of the Vulnerable Software and Affected Versions** Mattermost Jira Plugin (affected versions not specified) **Description** The Mattermost Jira Plugin fails to protect against logout CSRF, allowing an attacker to post a specially crafted message that would disconnect a user's Jira connection in Mattermost by simply viewing the message. This issue can be exploited via a cross-site request forgery vulnerability in the logout button. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mattermost Apps Framework (affected versions not specified) **Description** The issue concerns a failure to verify secrets in incoming webhook requests, allowing an attacker to modify the contents of posts sent by the Apps. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mattermost (affected versions not specified) **Description** The issue allows a regular user to send install requests to the Apps because it fails to verify if the requestor is a sysadmin or not before allowing `install` requests. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mattermost Playbooks plugin versions 1.25 and earlier **Description** The Mattermost Playbooks plugin fails to properly restrict user-level permissions, allowing playbook members to escalate their membership privileges and perform actions restricted to playbook admins. **Recommendations** For Mattermost Playbooks plugin versions 1.25 and earlier, update to a version later than 1.25 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mattermost versions 6.4.x and earlier **Description** The issue is related to insecure plugin handling in Mattermost, where the software fails to properly check the plugin version when a plugin is installed from the Marketplace. This allows an authenticated and authorized user to install and exploit an old plugin version from the Marketplace, which might have known vulnerabilities. **Recommendations** For Mattermost versions 6.4.x and earlier, as a temporary workaround, consider restricting access to the plugin installation feature from the Marketplace until a patch is available. Additionally, avoid installing plugins from the Marketplace until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mattermost Playbooks plugin versions 1.24.0 and earlier **Description** The issue arises from the Mattermost Playbooks plugin's failure to properly check the limit on the number of webhooks. This allows authenticated and authorized users to create a specifically drafted Playbook that could trigger a large amount of webhook requests, leading to Denial of Service. **Recommendations** For Mattermost Playbooks plugin versions 1.24.0 and earlier, as a temporary workaround, consider restricting the creation of new Playbooks or limiting the number of webhook requests to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mattermost versions 6.4.1 and earlier **Description** The issue is related to improper privilege management in Mattermost, where an API fails to properly protect permissions. This allows authenticated members with restricted custom admin roles to bypass restrictions and view sensitive information, including server logs and the contents of the server config.json file. **Recommendations** For Mattermost versions 6.4.1 and earlier, update to version 6.4.2, 6.3.5, 6.2.5, or 5.37.9 to resolve the issue. As a temporary workaround, consider restricting access to the API endpoint responsible for permissions management until a patch is applied. Additionally, review and restrict custom admin roles to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Mattermost versions 6.3.0 and earlier **Description** The issue concerns a problem with an API in Mattermost where system administrators can combine two distinct privileges to override certain restricted configurations, such as EnableUploads. **Recommendations** For Mattermost versions 6.3.0 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.