Vulmon
mattermost vulnerabilities and exploits
5
CVSSv2
CVE-2017-18887
An issue exists in Mattermost Server prior to 4.3.0, 4.2.1, and 4.1.2. It discloses the team creator's e-mail address to members.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.3.0
7.5
CVSSv2
CVE-2017-18888
An issue exists in Mattermost Server prior to 4.3.0, 4.2.1, and 4.1.2. It allows SQL injection during the fetching of multiple posts.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.3.0
4
CVSSv2
CVE-2017-18889
An issue exists in Mattermost Server prior to 4.3.0, 4.2.1, and 4.1.2. An attacker could create fictive system-message posts via webhooks and slash commands, in the v3 or v4 REST API.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.3.0
4.3
CVSSv2
CVE-2017-18890
An issue exists in Mattermost Server prior to 4.3.0, 4.2.1, and 4.1.2. It allows a malicious user to create a button that, when pressed by a user, launches an API request.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.3.0
5.8
CVSSv2
CVE-2017-18891
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5. It allows phishing because an error page can have a link.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
4.3
CVSSv2
CVE-2017-18892
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5. E-mail templates can have a field in which HTML content is not neutralized.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
5.5
CVSSv2
CVE-2017-18894
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider. Sometimes, resource-owner authorization is bypassed, allowing account takeover.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
5
CVSSv2
CVE-2017-18895
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5. It allows malicious users to obtain sensitive information (user statuses) via a REST API version 4 endpoint.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
5
CVSSv2
CVE-2017-18896
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5. It allows malicious users to add DEBUG lines to the logs via a REST API version 3 logging endpoint.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
5.8
CVSSv2
CVE-2017-18897
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider. It mishandles a deny action for a redirection.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0