Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mattermost vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2017-18899
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5. It mishandles IP-based rate limiting.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
8.8
CVSSv3
CVE-2019-20841
An issue exists in Mattermost Server prior to 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. CSRF can sometimes occur via a crafted web site for account takeover attacks.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.18.0
7.2
CVSSv3
CVE-2019-20842
An issue exists in Mattermost Server prior to 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There is SQL injection by admins via SearchAllChannels.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.18.0
7.5
CVSSv3
CVE-2019-20859
An issue exists in Mattermost Server prior to 5.15.0. Login access control can be bypassed via crafted input.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.9.0
8.8
CVSSv3
CVE-2019-20865
An issue exists in Mattermost Server prior to 5.12.0, 5.11.1, 5.10.2, 5.9.2, and 4.10.10. The login page allows CSRF.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.12.0
7.5
CVSSv3
CVE-2019-20868
An issue exists in Mattermost Server prior to 5.11.0. Invite IDs were improperly generated.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.9.0
7.5
CVSSv3
CVE-2019-20871
An issue exists in Mattermost Server prior to 5.9.0, 5.8.1, 5.7.3, and 4.10.8. The Markdown library allows catastrophic backtracking.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.9.0
5.5
CVSSv3
CVE-2019-20872
An issue exists in Mattermost Server prior to 5.9.0, 5.8.1, 5.7.3, and 4.10.8. SSRF can attack local services.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.9.0
6.5
CVSSv3
CVE-2019-20873
An issue exists in Mattermost Server prior to 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows malicious users to obtain sensitive information during user activation/deactivation.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.9.0
5.3
CVSSv3
CVE-2019-20875
An issue exists in Mattermost Server prior to 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows a password reset to proceed while an e-mail address is being changed.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »