Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mattermost mattermost server vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-20869
An issue exists in Mattermost Server prior to 5.10.0, 5.9.1, 5.8.2, and 4.10.9. A non-member could change the Update/Patch Channel endpoint for a private channel.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.10.0
5
CVSSv2
CVE-2019-20871
An issue exists in Mattermost Server prior to 5.9.0, 5.8.1, 5.7.3, and 4.10.8. The Markdown library allows catastrophic backtracking.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.9.0
5
CVSSv2
CVE-2019-20874
An issue exists in Mattermost Server prior to 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows malicious users to obtain sensitive information during a role change.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.9.0
5
CVSSv2
CVE-2019-20866
An issue exists in Mattermost Server prior to 5.12.0. Use of a Proxy HTTP header, rather than the source address in an IP packet header, for obtaining IP address information was mishandled.
Mattermost Mattermost Server
5
CVSSv2
CVE-2019-20867
An issue exists in Mattermost Server prior to 5.11.0. An attacker can interfere with a channel's post loading via one crafted post.
Mattermost Mattermost Server
5
CVSSv2
CVE-2019-20852
An issue exists in Mattermost Mobile Apps prior to 1.26.0. Local logging is not blocked for sensitive information (e.g., server addresses or message content).
Mattermost Mattermost Mobile
5
CVSSv2
CVE-2019-20854
An issue exists in Mattermost Server prior to 5.17.0. It allows remote malicious users to cause a denial of service (client-side application crash) via a LaTeX message.
Mattermost Mattermost Server
5
CVSSv2
CVE-2019-20858
An issue exists in Mattermost Server prior to 5.15.0. It allows malicious users to cause a denial of service (CPU consumption) via crafted characters in a SQL LIKE clause to an APIv4 endpoint.
Mattermost Mattermost Server
5
CVSSv2
CVE-2019-20859
An issue exists in Mattermost Server prior to 5.15.0. Login access control can be bypassed via crafted input.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.9.0
5
CVSSv2
CVE-2019-20862
An issue exists in Mattermost Server prior to 5.13.0. Non-members may fetch a team's slash commands.
Mattermost Mattermost Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »