Filter
Versions
9.5.0
38
8.0.0
29
7.8.0
27
7.9.0
27
7.10.0
26
8.1.0
21
9.8.0
20
4.2.0
18
4.3.0-rc1
18
4.3.0-rc2
18
4.3.0-rc3
18
4.3.0-rc4
18
9.0.0
18
9.9.0
18
9.2.0
15
5.7.0
14
9.10.0
13
5.8.0
11
4.1.0
10
5.9.0-rc1
10
5.9.0-rc2
10
5.9.0-rc3
10
5.9.0-rc4
10
9.7.0
10
3.7.0
9
4.2.0-rc1
9
4.2.0-rc2
9
4.2.0-rc3
9
4.2.0-rc4
9
7.8.12
9
7.8.4
9
8.1.3
9
9.1.0
9
9.3.0
9
9.4.0
9
3.8.0
8
7.9.3
8
8.1.5
8
6.4.0
7
7.1.0
7
7.1.9
7
9.11.0
7
9.2.1
7
3.10.0
6
5.16.0
6
7.0.0
6
5.15.0
5
5.17.0
5
5.6.0
5
6.2.0
5
6.3.0
5
6.6.0
5
7.8.14
5
9.0.1
5
9.0.3
5
9.1.1
5
9.1.2
5
4.6.0
4
5.0.0
4
5.18.0-rc1
4
5.18.0-rc2
4
5.18.0-rc3
4
5.18.0-rc4
4
6.0
4
6.7.0
4
7.7.1
4
8.1.7
4
3.6.0
3
4.0.0
3
4.4.0
3
5.12.0
3
5.5.0
3
6.1
3
6.6.1
3
7.7.3
3
7.8.11
3
7.8.2
3
7.9.1
3
8.0.3
3
8.1.2
3
9.6.0
3
10.0
2
10.0.0
2
10.0.0-rc1
2
10.0.0-rc2
2
10.0.0-rc3
2
10.0.0-rc4
2
10.1
2
10.2
2
10.3
2
4.10.0
2
4.5.0-rc1
2
4.5.0-rc2
2
4.5.0-rc3
2
4.5.0-rc4
2
4.7.0
2
4.7.0-rc1
2
4.7.0-rc2
2
4.7.0-rc3
2
4.7.0-rc4
2
4.8.0
2
5.1.0
2
5.2.0-rc1
2
5.2.0-rc2
2
5.2.0-rc3
2
5.2.0-rc4
2
5.2.0-rc5
2
5.2.0-rc6
2
5.32.0
2
5.37.0
2
5.7.0-rc1
2
5.7.0-rc2
2
5.7.0-rc3
2
5.7.0-rc4
2
5.7.0-rc5
2
5.7.0-rc6
2
5.8.0-rc1
2
5.8.0-rc2
2
5.8.0-rc3
2
5.8.0-rc4
2
5.9.0
2
6.0.0
2
6.2
2
6.3
2
6.4
2
6.5
2
6.5.1
2
6.6
2
6.7
2
7.0
2
7.1
2
7.1.4
2
7.1.7
2
7.10
2
7.2
2
7.2.0
2
7.3
2
7.4
2
7.4.0
2
7.5
2
7.5.0
2
7.5.1
2
7.7
2
7.7.0
2
7.8
2
7.9
2
8.0
2
8.1
2
9.0
2
9.1
2
9.10
2
9.11
2
9.11.0-rc1
2
9.11.0-rc2
2
9.11.0-rc3
2
9.11.1
2
9.2
2
9.3
2
9.4
2
9.5
2
9.5.9
2
9.6
2
9.7
2
9.8
2
9.9
2
10.4
1
2.13.0
1
4.3.0
1
4.9.0
1
5.1.0-rc1
1
5.1.0-rc2
1
5.1.0-rc3
1
5.1.0-rc4
1
5.10.0
1
5.10.0-rc1
1
5.10.0-rc2
1
5.10.0-rc3
1
5.10.0-rc4
1
5.10.0-rc5
1
5.10.0-rc6
1
5.11.0
1
5.12.0-rc1
1
5.12.0-rc2
1
5.12.0-rc3
1
5.12.0-rc4
1
5.12.0-rc5
1
5.12.0-rc6
1
5.13.0
1
5.14.0
1
5.14.0-rc1
1
5.14.0-rc2
1
5.14.0-rc3
1
5.14.0-rc4
1
5.14.0-rc5
1
5.18.0
1
5.19.0-rc1
1
5.19.0-rc2
1
5.19.0-rc3
1
5.2.0
1
5.34.0
1
5.35.0
1
5.36.0
1
5.38
1
6.0.2
1
6.3.8
1
6.5.0
1
7.8.3
1
7.9.2
1
9.1.4
1
9.10.2
1
9.2.3
1
9.3.0-rc1
1
9.3.0-rc2
1
MattermostAn issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows CSV injectio…
9.8
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to …
9.8
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 5.2 and 5.1.1. Authorization could be bypassed i…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostAn issue was discovered in Mattermost Server before 3.0.0. A password-reset link could be reused.
9.8
First published (updated )
MattermostAn issue was discovered in Mattermost Packages before 5.16.3. A Droplet could allow Internet access …
9.8
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 3.6.2. The WebSocket feature does not follow the…
9.8
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. After a restart of a se…
9.8
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. A password-reset reque…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostClient side path traversal due to lack of route parameters validation
9.8
EPSS
0.09%
First published (updated )
go/github.com/mattermost/mattermost/server/v8Malicious remote can invite itself to an arbitrary local channel
9.6
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. The X.509 certificate v…
9.1
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2, when serving as an OAut…
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostOauth authorization codes do not expire when deauthorizing an oauth2 app
9.1
First published (updated )
MattermostMattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.…
8.8
First published (updated )
go/github.com/mattermost/mattermost/server/v8One-click Client-Side Path Traversal Leading to CSRF in User Management admin page
8.8
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows a bypass of r…
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostAn issue was discovered in Mattermost Server before 4.7.0, 4.6.2, and 4.5.2. An attacker could authe…
8.8
First published (updated )
MattermostAuthorized users are allowed to install old plugin versions from the Marketplace
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
go/github.com/mattermost/mattermost-server/v6Privilege escalation to system admin via personal access tokens
8.8
First published (updated )
MattermostReflected client side path traversal leading to CSRF in Playbooks
8.8
First published (updated )
go/github.com/mattermost/mattermost/server/v8Permanently local data deletion by malicious remote
8.7
First published (updated )
go/github.com/mattermost/mattermost/server/v8Malicious remote can add users to arbitrary teams and channels
8.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.