Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mattermost vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-2787
Mattermost fails to check channel membership when accessing message threads, allowing an malicious user to access arbitrary posts by using the message threads API.
Mattermost Mattermost
Mattermost Mattermost 7.10.0
NA
CVE-2023-2792
Mattermost fails to sanitize ephemeral error messages, allowing an malicious user to obtain arbitrary message contents by a specially crafted /groupmsg command.
Mattermost Mattermost
Mattermost Mattermost 7.10.0
NA
CVE-2023-5968
Mattermost fails to properly sanitize the user object when updating the username, resulting in the password hash being included in the response body.
Mattermost Mattermost
Mattermost Mattermost 9.0.0
NA
CVE-2023-5969
Mattermost fails to properly sanitize the request to /api/v4/redirect_location allowing an attacker, sending a specially crafted request to /api/v4/redirect_location, to fill up the memory due to caching large items.
Mattermost Mattermost
Mattermost Mattermost 9.0.0
NA
CVE-2023-2793
Mattermost fails to validate links on external websites when constructing a preview for a linked website, allowing an malicious user to cause a denial-of-service by a linking to a specially crafted webpage in a message.
Mattermost Mattermost 7.10.0
Mattermost Mattermost
NA
CVE-2023-2797
Mattermost fails to sanitize code permalinks, allowing an malicious user to preview code from private repositories by posting a specially crafted permalink on a channel.
Mattermost Mattermost
Mattermost Mattermost 7.10.0
605
VMScore
CVE-2019-20865
An issue exists in Mattermost Server prior to 5.12.0, 5.11.1, 5.10.2, 5.9.2, and 4.10.10. The login page allows CSRF.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.12.0
445
VMScore
CVE-2019-20868
An issue exists in Mattermost Server prior to 5.11.0. Invite IDs were improperly generated.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.9.0
445
VMScore
CVE-2019-20869
An issue exists in Mattermost Server prior to 5.10.0, 5.9.1, 5.8.2, and 4.10.9. A non-member could change the Update/Patch Channel endpoint for a private channel.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.10.0
445
VMScore
CVE-2019-20871
An issue exists in Mattermost Server prior to 5.9.0, 5.8.1, 5.7.3, and 4.10.8. The Markdown library allows catastrophic backtracking.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.9.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »