Skip to content

Mattermost Desktop App fails to safeguard screen capture functionality

Low severity GitHub Reviewed Published Sep 16, 2024 to the GitHub Advisory Database • Updated Sep 16, 2024

Package

npm mattermost-desktop (npm)

Affected versions

< 5.9.0

Patched versions

5.9.0

Description

Mattermost Desktop App versions <=5.8.0 fail to safeguard screen capture functionality which allows an attacker to silently capture high-quality screenshots via JavaScript APIs.

References

Published by the National Vulnerability Database Sep 16, 2024
Published to the GitHub Advisory Database Sep 16, 2024
Reviewed Sep 16, 2024
Last updated Sep 16, 2024

Severity

Low

EPSS score

0.046%
(18th percentile)

Weaknesses

CVE ID

CVE-2024-39772

GHSA ID

GHSA-5777-rcjj-9p22

Source code

Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.