mattermost mattermost server vulnerabilities and exploits
7.5
CVSSv2
CVE-2017-18908
An issue exists in Mattermost Server prior to 4.0.0, 3.10.2, and 3.9.2. A password-reset request was sometimes sent to an attacker-provided e-mail address.
Mattermost Mattermost Server
7.5
CVSSv2
CVE-2017-18915
An issue exists in Mattermost Server prior to 3.8.2, 3.7.5, and 3.6.7. After a restart of a server, an attacker might suddenly gain API Endpoint access.
Mattermost Mattermost Server
7.5
CVSSv2
CVE-2017-18920
An issue exists in Mattermost Server prior to 3.6.2. The WebSocket feature does not follow the Same Origin Policy.
Mattermost Mattermost Server
7.5
CVSSv2
CVE-2016-11074
An issue exists in Mattermost Server prior to 3.0.0. A password-reset link could be reused.
Mattermost Mattermost Server
7.5
CVSSv2
CVE-2017-18885
An issue exists in Mattermost Server prior to 4.3.0, 4.2.1, and 4.1.2. It allows malicious users to gain privileges by accessing unintended API endpoints on a user's behalf.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.3.0
7.5
CVSSv2
CVE-2017-18888
An issue exists in Mattermost Server prior to 4.3.0, 4.2.1, and 4.1.2. It allows SQL injection during the fetching of multiple posts.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.3.0
7.5
CVSSv2
CVE-2017-18900
An issue exists in Mattermost Server prior to 4.1.0, 4.0.4, and 3.10.3. It allows CSV injection via a compliance report.
Mattermost Mattermost Server
7.5
CVSSv2
CVE-2017-18912
An issue exists in Mattermost Server prior to 3.8.2, 3.7.5, and 3.6.7. It allows a malicious user to specify a full pathname of a log file.
Mattermost Mattermost Server
7.5
CVSSv2
CVE-2018-21251
An issue exists in Mattermost Server prior to 5.2 and 5.1.1. Authorization could be bypassed if the channel name were not the same in the params and the body.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.2.0
7.5
CVSSv2
CVE-2019-20881
An issue exists in Mattermost Server prior to 5.8.0. It mishandles brute-force attacks against MFA.
Mattermost Mattermost Server