Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mattermost mattermost server vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-20859
An issue exists in Mattermost Server prior to 5.15.0. Login access control can be bypassed via crafted input.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.9.0
5
CVSSv2
CVE-2019-20862
An issue exists in Mattermost Server prior to 5.13.0. Non-members may fetch a team's slash commands.
Mattermost Mattermost Server
5
CVSSv2
CVE-2019-20863
An issue exists in Mattermost Server prior to 5.13.0. Incoming webhook creation is not properly restricted.
Mattermost Mattermost Server
5
CVSSv2
CVE-2020-14447
An issue exists in Mattermost Server prior to 5.23.0. Large webhook requests allow malicious users to cause a denial of service (infinite loop), aka MMSA-2020-0021.
Mattermost Mattermost Server
5
CVSSv2
CVE-2020-14448
An issue exists in Mattermost Server prior to 5.23.0. Automatic direct message replies allow malicious users to cause a denial of service (infinite loop), aka MMSA-2020-0020.
Mattermost Mattermost Server
5
CVSSv2
CVE-2020-14450
An issue exists in Mattermost Server prior to 5.22.0. The markdown renderer allows malicious users to cause a denial of service (client-side), aka MMSA-2020-0017.
Mattermost Mattermost Server
5
CVSSv2
CVE-2020-14453
An issue exists in Mattermost Server prior to 5.21.0. Socket read operations are not appropriately restricted, which allows malicious users to cause a denial of service, aka MMSA-2020-0005.
Mattermost Mattermost Server
5
CVSSv2
CVE-2020-14457
An issue exists in Mattermost Server prior to 5.20.0. Non-members can receive broadcasted team details via the update_team WebSocket event, aka MMSA-2020-0012.
Mattermost Mattermost Server
5
CVSSv2
CVE-2020-14458
An issue exists in Mattermost Server prior to 5.19.0. Attackers can discover private channels via the "get channel by name" API, aka MMSA-2020-0004.
Mattermost Mattermost Server
5
CVSSv2
CVE-2020-14459
An issue exists in Mattermost Server prior to 5.19.0. Attackers can rename a channel and cause a collision with a direct message, aka MMSA-2020-0002.
Mattermost Mattermost Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »