Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mattermost mattermost server 4.2.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-18893
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5. Display names allow XSS.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
5.8
CVSSv2
CVE-2017-18897
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider. It mishandles a deny action for a redirection.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
5
CVSSv2
CVE-2017-18899
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5. It mishandles IP-based rate limiting.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
5.8
CVSSv2
CVE-2017-18891
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5. It allows Phishing because an error page can have a link.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
4.3
CVSSv2
CVE-2017-18892
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5. E-mail templates can have a field in which HTML content is not neutralized.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
5.5
CVSSv2
CVE-2017-18894
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider. Sometimes. resource-owner authorization is bypassed, allowing account takeover.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
5
CVSSv2
CVE-2017-18895
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5. It allows malicious users to obtain sensitive information (user statuses) via a REST API version 4 endpoint.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
5
CVSSv2
CVE-2017-18896
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5. It allows malicious users to add DEBUG lines to the logs via a REST API version 3 logging endpoint.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
5
CVSSv2
CVE-2017-18898
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5. It allows crafted posts that potentially cause a web browser to hang.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started