Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mattermost server vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-18899
An issue exists in Mattermost Server prior to 4.2.0, 4.1.1, and 4.0.5. It mishandles IP-based rate limiting.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.2.0
NA
CVE-2023-1775
When running in a High Availability configuration, Mattermost fails to sanitize some of the user_updated and post_deleted events broadcast to all users, leading to disclosure of sensitive information to some of the users with currently connected Websocket clients.
Mattermost Mattermost Server 7.7.1
Mattermost Mattermost Server
NA
CVE-2023-1776
Boards in Mattermost allows an malicious user to upload a malicious SVG image file as an attachment to a card and share it using a direct link to the file.
Mattermost Mattermost Server 7.7.1
Mattermost Mattermost Server
4.3
CVSSv2
CVE-2017-18877
An issue exists in Mattermost Server prior to 4.3.0, 4.2.1, and 4.1.2. XSS attacks could occur against an OAuth 2.0 allow/deny page.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.3.0
4.3
CVSSv2
CVE-2017-18879
An issue exists in Mattermost Server prior to 4.3.0, 4.2.1, and 4.1.2. XSS could occur via the author_link field of a Slack attachment.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.3.0
4.3
CVSSv2
CVE-2017-18881
An issue exists in Mattermost Server prior to 4.3.0, 4.2.1, and 4.1.2. XSS could occur via a goto_location response to a slash command.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.3.0
7.5
CVSSv2
CVE-2017-18885
An issue exists in Mattermost Server prior to 4.3.0, 4.2.1, and 4.1.2. It allows malicious users to gain privileges by accessing unintended API endpoints on a user's behalf.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.3.0
5
CVSSv2
CVE-2017-18887
An issue exists in Mattermost Server prior to 4.3.0, 4.2.1, and 4.1.2. It discloses the team creator's e-mail address to members.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.3.0
5
CVSSv2
CVE-2019-20843
An issue exists in Mattermost Server prior to 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There are weak permissions for configuration files.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.18.0
4
CVSSv2
CVE-2019-20873
An issue exists in Mattermost Server prior to 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows malicious users to obtain sensitive information during user activation/deactivation.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »