Filters

Versions

5.7.0
5
7.9.0
5
8.0.0
5
5.15.0
4
5.16.0
4
5.8.0
4
5.9.0-rc1
4
5.9.0-rc2
4
5.9.0-rc3
4
5.9.0-rc4
4
7.8.0
4
5.17.0
3
5.18.0-rc1
3
5.18.0-rc2
3
5.18.0-rc3
3
5.18.0-rc4
3
7.10.0
3
7.8.14
3
8.1.5
3
9.0.0
3
9.0.3
3
9.1.1
3
9.1.2
3
9.2.0
3
9.2.1
3
3.10.0
2
4.2.0
2
4.3.0-rc1
2
4.3.0-rc2
2
4.3.0-rc3
2
4.3.0-rc4
2
4.6.0
2
4.7.0-rc1
2
4.7.0-rc2
2
4.7.0-rc3
2
4.7.0-rc4
2
5.6.0
2
3.6.0
1
3.7.0
1
3.8.0
1
4.1.0
1
4.2.0-rc1
1
4.2.0-rc2
1
4.2.0-rc3
1
4.2.0-rc4
1
4.3.0
1
4.4.0
1
4.5.0-rc1
1
4.5.0-rc2
1
4.5.0-rc3
1
4.5.0-rc4
1
5.10.0
1
5.11.0
1
5.12.0-rc1
1
5.12.0-rc2
1
5.12.0-rc3
1
5.12.0-rc4
1
5.12.0-rc5
1
5.12.0-rc6
1
5.14.0
1
5.5.0
1
5.7.0-rc1
1
5.7.0-rc2
1
5.7.0-rc3
1
5.7.0-rc4
1
5.7.0-rc5
1
5.7.0-rc6
1
5.8.0-rc1
1
5.8.0-rc2
1
5.8.0-rc3
1
5.8.0-rc4
1
5.9.0
1
6.0.0
1
6.2.0
1
6.3.0
1
7.2.0
1
7.7.1
1
8.1.0
1
9.1.0
1
9.5.0
1
9.7.0
1
9.8.0
1
9.9.0
1

go/github.com/mattermost/mattermost/server/v8Malicious remote can create/update/delete arbitrary posts in arbitrary channels

high
7.1
First published (updated )
CVE-2024-41144

Mattermost Mattermost ServerReflected client side path traversal leading to CSRF in Playbooks

high
8.8
First published (updated )
CVE-2023-45316

Mattermost Mattermost ServerPlaybook plugin crash via missing interface type assertion

high
7.5
First published (updated )
CVE-2023-49607

Mattermost Mattermost ServerPlaybook Plugin Crash via Run Checklist

high
7.5
First published (updated )
CVE-2023-45847

Mattermost Mattermost ServerDenial of Service via Opengraph Data Cache

high
7.5
First published (updated )
CVE-2023-5330

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Mattermost Mattermost ServerParameter tampering in the registration resulting in blocked accounts to be created

high
8.2
EPSS
0.05%
First published (updated )
CVE-2023-4478

Mattermost Mattermost ServerLack of previous password reset tokens on new token creation

high
8.2
First published (updated )
CVE-2023-3591

Mattermost Mattermost ServerDeleted attachments in Boards remain accessible

high
7.5
First published (updated )
CVE-2023-3590

Mattermost Mattermost ServerWebSockets accept connections from HTTPS origin

high
8.1
First published (updated )
CVE-2023-3581

Mattermost Mattermost ServerPrivilege escalation to system admin via personal access tokens

high
8.8
First published (updated )
CVE-2023-2515

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Mattermost Mattermost ServerUser password logged in audit logs

high
7.5
First published (updated )
CVE-2023-1831

Mattermost Mattermost ServerStored XSS via SVG attachment on Boards

high
7.3
First published (updated )
CVE-2023-1776

Mattermost Mattermost ServerAuthorized users are allowed to install old plugin versions from the Marketplace

high
8.8
First published (updated )
CVE-2022-1384

Mattermost Mattermost ServerStack overflow in SAML login in Mattermost

high
7.5
First published (updated )
CVE-2022-0903

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 1.2.0. It allows attackers to cause a denial of …

high
7.5
First published (updated )
CVE-2015-9548

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 3.2.0. It mishandles brute-force attempts at pas…

high
7.5
First published (updated )
CVE-2016-11069

Mattermost Mattermost ServerInfoleak

high
7.5
First published (updated )
CVE-2016-11066

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. Weak hashing was used f…

high
7.5
First published (updated )
CVE-2017-18917

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2, when Single Sign-On OA…

high
8.1
First published (updated )
CVE-2017-18906

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 3.9.0 when SAML is used. Encryption and signatur…

high
7.5
First published (updated )
CVE-2017-18909

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Mattermost Mattermost ServerCSRF

high
8.8
First published (updated )
CVE-2017-18903

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows a bypass of r…

high
8.8
First published (updated )
CVE-2017-18886

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2…

high
8.1
First published (updated )
CVE-2017-18894

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to …

high
8.1
First published (updated )
CVE-2017-18884

Mattermost Mattermost ServerInput Validation

high
8.8
First published (updated )
CVE-2018-21264

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Mattermost Mattermost ServerInput Validation

high
7.5
First published (updated )
CVE-2018-21262

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 4.5.0, 4.4.5, 4.3.4, and 4.2.2. It allows attack…

high
7.5
First published (updated )
CVE-2017-18871

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 5.4.0. It mishandles possession of superfluous a…

high
7.5
First published (updated )
CVE-2018-21248

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, and 4.10.5. It allows attacke…

high
7.5
First published (updated )
CVE-2019-20888

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 5.8.0. The first user is sometimes inadvertently…

high
7.5
First published (updated )
CVE-2019-20886

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 4.7.0, 4.6.2, and 4.5.2. An attacker could authe…

high
8.8
First published (updated )
CVE-2018-21263

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 5.1. It allows attackers to cause a denial of se…

high
7.5
First published (updated )
CVE-2018-21258

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 5.8.0. It does not always generate a robots.txt …

high
7.5
First published (updated )
CVE-2019-20885

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 5.8.0. It mishandles brute-force attacks against…

high
7.5
First published (updated )
CVE-2019-20881

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 5.8.0, 5.7.2, 5.6.5, and 4.10.7. It allows attac…

high
7.5
First published (updated )
CVE-2019-20880

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows attac…

high
7.5
First published (updated )
CVE-2019-20874

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. The Markdown li…

high
7.5
First published (updated )
CVE-2019-20871

Mattermost Mattermost ServerInput Validation

high
7.5
First published (updated )
CVE-2019-20868

Mattermost Mattermost ServerCSRF

high
8.8
First published (updated )
CVE-2019-20865

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 5.13.0. Incoming webhook creation is not properl…

high
7.5
First published (updated )
CVE-2019-20863

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 5.13.0. Non-members may fetch a team's slash com…

high
7.5
First published (updated )
CVE-2019-20862

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 5.15.0. Login access control can be bypassed via…

high
7.5
First published (updated )
CVE-2019-20859

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 5.15.0. It allows attackers to cause a denial of…

high
7.5
First published (updated )
CVE-2019-20858

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 5.16.0. It allows attackers to cause a denial of…

high
7.5
First published (updated )
CVE-2019-20857

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 5.16.1, 5.15.2, 5.14.5, and 5.9.6. It allows att…

high
7.5
First published (updated )
CVE-2019-20855

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 5.17.0. It allows remote attackers to cause a de…

high
7.5
First published (updated )
CVE-2019-20854

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 5.18.0. It has weak permissions for server-local…

high
7.5
First published (updated )
CVE-2019-20846

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 5.18.0. It allows attackers to cause a denial of…

high
7.5
First published (updated )
CVE-2019-20845

Mattermost Mattermost ServerAn issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There…

high
7.5
First published (updated )
CVE-2019-20843

Mattermost Mattermost ServerSQL Injection

high
7.2
First published (updated )
CVE-2019-20842

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203