cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-2783,https://securityvulnerability.io/vulnerability/CVE-2023-2783,App Framework does not checks for the secret provided in the incoming webhook request,"Mattermost Apps Framework fails to verify that a secret provided in the incoming webhook request allowing an attacker to modify the contents of the post sent by the Apps.

",Mattermost,Mattermost App Framework,4.3,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2023-06-16T09:15:00.000Z,0
CVE-2023-2784,https://securityvulnerability.io/vulnerability/CVE-2023-2784,Apps Framework allows install requests from regular members via an internal path,"Mattermost fails to verify if the requestor is a sysadmin or not, before allowing `install` requests to the Apps allowing a regular user send install requests to the Apps. ",Mattermost,Mattermost App Framework,6.5,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2023-06-16T09:15:00.000Z,0