Filter
AND
-Infinity
0
go/github.com/mattermost/mattermost/server/v8Unauthorized Playbooks Post Deletion in Mattermost Playbooks Plugin
3.1
EPSS
0.02%
First published (updated )
go/github.com/mattermost/mattermost/server/v8Data exfiltration via AI plugin Jira tool
3
First published (updated )
go/github.com/mattermost/mattermost/server/v8MFA Enforcement Bypass Allows Unauthorized Removal of MFA for Other Users
2.2
First published (updated )
go/github.com/mattermost/mattermost/server/v8Unauthorized AI bot activation via Wrangler plugin
3.1
First published (updated )
go/github.com/mattermost/mattermost/server/v8Leaked Metadata of Deleted Files via Bookmark Creation
3.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
go/github.com/mattermost/mattermost/server/v8Unauthorized Access to User Activity Logs API by delegated granular administration roles
2.7
First published (updated )
Mattermost Mobile AppsUnauthorized Notification Exposure in Mobile App Under Specific Conditions
2
First published (updated )
MattermostAuto-Enrollment of Team Admins into Private Channels without explicit consent
3.3
EPSS
0.03%
First published (updated )
Mattermost DesktopLack Of Secure Keyboard Entry Protection in MacOS Desktop
3.3
EPSS
0.04%
First published (updated )
go/github.com/mattermost/mattermost/server/v8Users maintain access to active call after being removed from a channel
3.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
go/github.com/mattermost/mattermost/server/v8Infoleak, Race Condition
2.6
First published (updated )
MattermostDisclosure of team owner email address when regenerating Invite ID
2.7
First published (updated )
MattermostDisclosure of team owner email address when when accessing the teams API
2.7
First published (updated )
go/github.com/mattermost/mattermost/server/v8A User Manager role with user edit permissions could manage/update bots
3.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
go/github.com/mattermost/mattermost/server/v8Unauthorized disabling of invite URL
2.7
First published (updated )
MattermostInconsistent state in UI after boards permission change by system admin
2.7
First published (updated )
MattermostMember can create team with team override scheme
3.1
First published (updated )
MattermostGuest accounts invited and added to channels by Welcomebot plugin
3.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
npm/mattermost-desktopBypass of TCC restrictions on macOS
3.8
First published (updated )
Mattermost/playbook add slash command allows viewing arbitrary post contents
3.1
EPSS
0.04%
First published (updated )
MattermostRemoteClusterFrame payloads are audit logged in full
2.7
First published (updated )
go/github.com/mattermost/mattermost-plugin-jiraCSRF issue allows disconnecting a user's Jira connection through a simple post message (Jira Plugin)
3.5
EPSS
0.04%
First published (updated )