First published: Thu Aug 05 2021
Fixed a bypass for a reflected cross-site scripting vulnerability affecting OAuth-enabled instances of Mattermost.
Credit: responsibledisclosure@mattermost.com
Affected Software | Affected Version | How to fix |
---|---|---|
Mattermost Mattermost | >=5.32.0 <5.34.5 | |
Mattermost Mattermost | >=5.35.0 <5.35.4 | |
Mattermost Mattermost | >=5.36.0 <5.36.1 | |
The vulnerability ID is CVE-2021-37859.
The severity of CVE-2021-37859 is high.
The affected software is Mattermost.
Mattermost versions from 5.32.0 up to but not including 5.34.5, from 5.35.0 up to but not including 5.35.4, and from 5.36.0 up to but not including 5.36.1 are affected by CVE-2021-37859.
You can fix the CVE-2021-37859 vulnerability by applying the fix provided by Mattermost through their security updates.