CVE-2023-5159 Information

Description

Mattermost fails to properly verify the permissions when managing/updating a bot allowing a User Manager role with user edit permissions to manage/update bots.

Reference

https://mattermost.com/security-updates