Filter
AND
Versions
9.5.0
8
7.9.0
7
8.0.0
7
9.8.0
7
7.8.0
6
9.9.0
6
5.7.0
5
9.0.0
5
9.7.0
5
5.15.0
4
5.16.0
4
5.8.0
4
5.9.0-rc1
4
5.9.0-rc2
4
5.9.0-rc3
4
5.9.0-rc4
4
7.10.0
4
9.2.0
4
5.17.0
3
5.18.0-rc1
3
5.18.0-rc2
3
5.18.0-rc3
3
5.18.0-rc4
3
7.8.14
3
8.1.5
3
9.0.3
3
9.1.0
3
9.1.1
3
9.1.2
3
9.2.1
3
3.10.0
2
4.2.0
2
4.3.0-rc1
2
4.3.0-rc2
2
4.3.0-rc3
2
4.3.0-rc4
2
4.6.0
2
4.7.0-rc1
2
4.7.0-rc2
2
4.7.0-rc3
2
4.7.0-rc4
2
5.6.0
2
7.8.12
2
8.1.0
2
8.1.3
2
9.0.1
2
9.10.0
2
3.6.0
1
3.7.0
1
3.8.0
1
4.1.0
1
4.2.0-rc1
1
4.2.0-rc2
1
4.2.0-rc3
1
4.2.0-rc4
1
4.3.0
1
4.4.0
1
4.5.0-rc1
1
4.5.0-rc2
1
4.5.0-rc3
1
4.5.0-rc4
1
5.10.0
1
5.11.0
1
5.12.0-rc1
1
5.12.0-rc2
1
5.12.0-rc3
1
5.12.0-rc4
1
5.12.0-rc5
1
5.12.0-rc6
1
5.14.0
1
5.32.0
1
5.35.0
1
5.36.0
1
5.5.0
1
5.7.0-rc1
1
5.7.0-rc2
1
5.7.0-rc3
1
5.7.0-rc4
1
5.7.0-rc5
1
5.7.0-rc6
1
5.8.0-rc1
1
5.8.0-rc2
1
5.8.0-rc3
1
5.8.0-rc4
1
5.9.0
1
6.0.0
1
6.0.2
1
6.2.0
1
6.3.0
1
7.1.4
1
7.1.7
1
7.2.0
1
7.4.0
1
7.5.0
1
7.5.1
1
7.7.0
1
7.7.1
1
7.7.3
1
7.8.2
1
7.9.1
1
9.3.0
1
9.4.0
1
9.6.0
1
MattermostMattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.…
8.8
First published (updated )
go/github.com/mattermost/mattermost/server/v8One-click Client-Side Path Traversal Leading to CSRF in User Management admin page
8.8
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows a bypass of r…
8.8
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.7.0, 4.6.2, and 4.5.2. An attacker could authe…
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostAuthorized users are allowed to install old plugin versions from the Marketplace
8.8
First published (updated )
go/github.com/mattermost/mattermost-server/v6Privilege escalation to system admin via personal access tokens
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostReflected client side path traversal leading to CSRF in Playbooks
8.8
First published (updated )
go/github.com/mattermost/mattermost/server/v8Permanently local data deletion by malicious remote
8.7
First published (updated )
go/github.com/mattermost/mattermost/server/v8Malicious remote can add users to arbitrary teams and channels
8.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostLack of previous password reset tokens on new token creation
8.2
First published (updated )
MattermostParameter tampering in the registration resulting in blocked accounts to be created
8.2
EPSS
0.05%
First published (updated )
MattermostTiming attack during remote cluster token comparison when shared channels are enabled
8.1
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2…
8.1
First published (updated )
MattermostWebSockets accept connections from HTTPS origin
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostLack of server certificate validation in websockets connection
8.1
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2, when Single Sign-On OA…
8.1
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to …
8.1
First published (updated )
MattermostMattermost 6.0.2 and earlier fails to sufficiently sanitize user's password in audit logs when user …
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostAn issue was discovered in Mattermost Server before 3.2.0. It mishandles brute-force attempts at pas…
7.5
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 1.2.0. It allows attackers to cause a denial of …
7.5
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 3.9.0 when SAML is used. Encryption and signatur…
7.5
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 5.1. It allows attackers to cause a denial of se…
7.5
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 5.4.0. It mishandles possession of superfluous a…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.