Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mattermost mattermost mobile vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2019-20851
An issue exists in Mattermost Mobile Apps prior to 1.26.0. An attacker can use directory traversal with the Video Preview feature to overwrite arbitrary files on a device.
Mattermost Mattermost
7.5
CVSSv3
CVE-2020-13891
An issue exists in Mattermost Mobile Apps prior to 1.31.2 on iOS. Unintended third-party servers could sometimes obtain authorization tokens, aka MMSA-2020-0022.
Mattermost Mattermost
7.5
CVSSv3
CVE-2019-20852
An issue exists in Mattermost Mobile Apps prior to 1.26.0. Local logging is not blocked for sensitive information (e.g., server addresses or message content).
Mattermost Mattermost Mobile
7.5
CVSSv3
CVE-2019-20848
An issue exists in Mattermost Mobile Apps prior to 1.26.0. The Quick Reply feature mishandles crafted replies.
Mattermost Mattermost Mobile
7.5
CVSSv3
CVE-2020-14449
An issue exists in Mattermost Mobile Apps prior to 1.30.0. Authorization tokens can sometimes be disclosed to third-party servers, aka MMSA-2020-0018.
Mattermost Mattermost Mobile
7.5
CVSSv3
CVE-2020-14451
An issue exists in Mattermost Mobile Apps prior to 1.29.0. The iOS app allowed Single Sign-On cookies and Local Storage to remain after a logout, aka MMSA-2020-0013.
Mattermost Mattermost Mobile
5.3
CVSSv3
CVE-2019-20849
An issue exists in Mattermost Mobile Apps prior to 1.26.0. Cookie data can persist on a device after a logout.
Mattermost Mattermost Mobile
5.3
CVSSv3
CVE-2019-20850
An issue exists in Mattermost Mobile Apps prior to 1.26.0. A view cache can persist on a device after a logout.
Mattermost Mattermost Mobile
4.3
CVSSv3
CVE-2024-1402
Mattermost fails to check if a custom emoji reaction exists when sending it to a post and to limit the amount of custom emojis allowed to be added in a post, allowing an attacker sending a huge amount of non-existent custom emojis in a post to crash the mobile app of a user seein...
Mattermost Mattermost Server
4.3
CVSSv3
CVE-2023-5522
Mattermost Mobile fails to limit the maximum number of Markdown elements in a post allowing an malicious user to send a post with hundreds of emojis to a channel and freeze the mobile app of users when viewing that particular channel.
Mattermost Mattermost
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »