CVE-2023-2791 Information

Description

When creating a playbook run via the /dialog API Mattermost fails to validate all parameters allowing an authenticated attacker to edit an arbitrary channel post.

Reference

https://mattermost.com/security-updates/