CVE-2023-2784 Information

Description

Mattermost fails to verify if the requestor is a sysadmin or not before allowing install requests to the Apps allowing a regular user send install requests to the Apps.

Reference

https://mattermost.com/security-updates