mattermost mattermost server 5.18.0 vulnerabilities and exploits

(subscribe to this query)

383

VMScore

An issue exists in Mattermost Server prior to 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. An attacker can spoof a direct-message channel by changing the type of a channel.

Mattermost Mattermost Server Mattermost Mattermost Server 5.18.0

605

VMScore

An issue exists in Mattermost Server prior to 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. CSRF can sometimes occur via a crafted web site for account takeover attacks.

Mattermost Mattermost Server Mattermost Mattermost Server 5.18.0

578

VMScore

An issue exists in Mattermost Server prior to 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There is SQL injection by admins via SearchAllChannels.

Mattermost Mattermost Server Mattermost Mattermost Server 5.18.0

445

VMScore

An issue exists in Mattermost Server prior to 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There are weak permissions for configuration files.

Mattermost Mattermost Server Mattermost Mattermost Server 5.18.0

445

VMScore

An issue exists in Mattermost Server prior to 5.18.0. It has weak permissions for server-local file storage.

Mattermost Mattermost Server

445

VMScore

An issue exists in Mattermost Server prior to 5.18.0. An attacker can send a user_typing WebSocket event to any channel.

Mattermost Mattermost Server

445

VMScore

An issue exists in Mattermost Server prior to 5.18.0. It allows malicious users to cause a denial of service (memory consumption) via a large Slack import.

Mattermost Mattermost Server

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook