mattermost mattermost vulnerabilities and exploits
NA
CVE-2022-4019
A denial-of-service vulnerability in the Mattermost Playbooks plugin allows an authenticated user to crash the server via multiple large requests to one of the Playbooks API endpoints.
Mattermost Mattermost -
1 Article
NA
CVE-2023-2514
Mattermost Server fails to redact the DB username and password before emitting an application log during server initialization.
Mattermost Mattermost
NA
CVE-2023-4105
Mattermost fails to delete the attachments when deleting a message in a thread, allowing a simple user to still access and download the attachment of a deleted message.
Mattermost Mattermost
NA
CVE-2023-4106
Mattermost fails to check if the requesting user is a guest before performing different actions on public playbooks, resulting in a guest being able to view, join, edit, export and archive public playbooks.
Mattermost Mattermost
NA
CVE-2023-4107
Mattermost fails to properly validate the requesting user permissions when updating a system admin, allowing a user manager to update a system admin's details such as email, first name and last name.
Mattermost Mattermost
NA
CVE-2023-4108
Mattermost fails to sanitize post metadata during audit logging, resulting in permalink contents being logged.
Mattermost Mattermost
NA
CVE-2022-4044
A denial-of-service vulnerability in Mattermost allows an authenticated user to crash the server via multiple large autoresponder messages.
Mattermost Mattermost
NA
CVE-2022-4045
A denial-of-service vulnerability in Mattermost allows an authenticated user to crash the server via multiple requests to one of the API endpoints which could fetch a large amount of data.
Mattermost Mattermost -
NA
CVE-2023-5522
Mattermost Mobile fails to limit the maximum number of Markdown elements in a post, allowing a malicious user to send a post with hundreds of emojis to a channel and freeze the mobile app of users when viewing that particular channel.
Mattermost Mattermost
NA
CVE-2023-3615
Mattermost iOS app fails to properly validate the server certificate while initializing the TLS connection, allowing a malicious user on the network to intercept the WebSockets connection.
Mattermost Mattermost