Screen Capture Vulnerability in Mattermost Desktop App
CVE-2024-39772

5.3MEDIUM

Key Information:

Vendor: Mattermost
Status: Mattermost Server
Vendor: CVE Published:; 16 September 2024

Summary

The Mattermost Desktop App versions up to 5.8.0 have a vulnerability that compromises the screen capture functionality. This flaw allows attackers to leverage JavaScript APIs to silently capture high-quality screenshots without the end-user's consent or knowledge. Users of the Mattermost Desktop App should be aware of this risk and take necessary precautions to safeguard their sensitive information.

References

https://mattermost.com/security-updates

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 16, 2024