CVE-2024-9155 Information

Description

Mattermost versions 9.10.x <= 9.10.1 9.9.x <= 9.9.2 9.5.x <= 9.5.8 fail to limit access to channels files that have not been linked to a post which allows an attacker to view them in channels that they are a member of.

Reference

https://mattermost.com/security-updates