CVE Catalog
CVE-2023-3590
LowCVSS 3.1Exploitation Probability (EPSS)
Low risk0.36%
28th percentile — higher than 28% of all known CVEs
Summary
Mattermost fails to delete card attachments in Boards, allowing an attacker to access deleted attachments.
Risk Assessment
An attacker may gain access to sensitive data that should have been deleted, potentially leading to privacy and information security breaches.
Recommendation
It is recommended to update Mattermost to the latest version to address this vulnerability and to monitor access to attachments.
Original NVD description (English source)
Mattermost fails to delete card attachments in Boards, allowing an attacker to access deleted attachments.

