CVE-2023-6727

Name of the Vulnerable Software and Affected Versions Mattermost (affected versions not specified)

Description The issue arises from Mattermost's failure to perform correct authorization checks when creating a playbook action. This allows users without access to the playbook to create playbook actions. If a created playbook action is set to post a message in a channel based on specific keywords in a post, it can lead to the leakage of some playbook information, such as the name.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.