Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mattermost server vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-20877
An issue exists in Mattermost Server prior to 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows malicious users to obtain sensitive information about whether someone has 2FA enabled.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.9.0
4
CVSSv2
CVE-2019-20878
An issue exists in Mattermost Server prior to 5.9.0, 5.8.1, 5.7.3, and 4.10.8. Changes, within the application, to e-mail addresses are mishandled.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.9.0
4
CVSSv2
CVE-2019-20879
An issue exists in Mattermost Server prior to 5.8.0, 5.7.2, 5.6.5, and 4.10.7. Changes to e-mail addresses do not require credential re-entry.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.8.0
5
CVSSv2
CVE-2019-20888
An issue exists in Mattermost Server prior to 5.7, 5.6.3, 5.5.2, and 4.10.5. It allows malicious users to cause a denial of service (memory consumption) via an outgoing webhook or a slash command integration.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.7.0
5
CVSSv2
CVE-2019-20889
An issue exists in Mattermost Server prior to 5.7, 5.6.3, 5.5.2, and 4.10.5. It mishandles permissions for user-access token creation.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.7.0
4
CVSSv2
CVE-2020-14460
An issue exists in Mattermost Server prior to 5.19.0, 5.18.1, 5.17.3, 5.16.5, and 5.9.8. Creation of a trusted OAuth application does not always require admin privileges, aka MMSA-2020-0001.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.19.0
4.3
CVSSv2
CVE-2017-18877
An issue exists in Mattermost Server prior to 4.3.0, 4.2.1, and 4.1.2. XSS attacks could occur against an OAuth 2.0 allow/deny page.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.3.0
4.3
CVSSv2
CVE-2017-18879
An issue exists in Mattermost Server prior to 4.3.0, 4.2.1, and 4.1.2. XSS could occur via the author_link field of a Slack attachment.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.3.0
6.5
CVSSv2
CVE-2017-18886
An issue exists in Mattermost Server prior to 4.3.0, 4.2.1, and 4.1.2. It allows a bypass of restrictions on use of slash commands.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.3.0
5.8
CVSSv2
CVE-2017-18891
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5. It allows Phishing because an error page can have a link.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »