mattermost mattermost server vulnerabilities and exploits
356
VMScore
CVE-2017-18889
An issue exists in Mattermost Server prior to 4.3.0, 4.2.1, and 4.1.2. An attacker could create fictive system-message posts via webhooks and slash commands, in the v3 or v4 REST API.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.3.0
383
VMScore
CVE-2017-18890
An issue exists in Mattermost Server prior to 4.3.0, 4.2.1, and 4.1.2. It allows a malicious user to create a button that, when pressed by a user, launches an API request.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.3.0
516
VMScore
CVE-2017-18891
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5. It allows phishing because an error page can have a link.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
383
VMScore
CVE-2017-18892
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5. E-mail templates can have a field in which HTML content is not neutralized.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
490
VMScore
CVE-2017-18894
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider. Sometimes, resource-owner authorization is bypassed, allowing account takeover.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
445
VMScore
CVE-2017-18895
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5. It allows malicious users to obtain sensitive information (user statuses) via a REST API version 4 endpoint.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
445
VMScore
CVE-2017-18896
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5. It allows malicious users to add DEBUG lines to the logs via a REST API version 3 logging endpoint.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
516
VMScore
CVE-2017-18897
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider. It mishandles a deny action for a redirection.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
445
VMScore
CVE-2017-18898
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5. It allows crafted posts that potentially cause a web browser to hang.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
NA
CVE-2023-4478
Mattermost fails to restrict which parameters' values it takes from the request during signup, allowing a malicious user to register users as inactive, thus blocking them from later accessing Mattermost without the system admin activating their accounts.
Mattermost Mattermost Server
Mattermost Mattermost Server 8.0.0