CVE-2024-23493 Information

Description

Mattermost fails to properly authorize the requests fetching team associated AD/LDAP groups allowing a user to fetch details of AD/LDAP groups of a team that they are not a member of. 

Reference

https://mattermost.com/security-updates