Filter
AND
AND
Versions
5.7.0
5
7.9.0
5
8.0.0
5
5.15.0
4
5.16.0
4
5.8.0
4
5.9.0-rc1
4
5.9.0-rc2
4
5.9.0-rc3
4
5.9.0-rc4
4
7.8.0
4
9.2.0
4
5.17.0
3
5.18.0-rc1
3
5.18.0-rc2
3
5.18.0-rc3
3
5.18.0-rc4
3
7.10.0
3
7.8.14
3
8.1.5
3
9.0.0
3
9.0.3
3
9.1.1
3
9.1.2
3
9.2.1
3
3.10.0
2
4.2.0
2
4.3.0-rc1
2
4.3.0-rc2
2
4.3.0-rc3
2
4.3.0-rc4
2
4.6.0
2
4.7.0-rc1
2
4.7.0-rc2
2
4.7.0-rc3
2
4.7.0-rc4
2
5.6.0
2
8.1.0
2
9.5.0
2
3.6.0
1
3.7.0
1
3.8.0
1
4.1.0
1
4.2.0-rc1
1
4.2.0-rc2
1
4.2.0-rc3
1
4.2.0-rc4
1
4.3.0
1
4.4.0
1
4.5.0-rc1
1
4.5.0-rc2
1
4.5.0-rc3
1
4.5.0-rc4
1
5.10.0
1
5.11.0
1
5.12.0-rc1
1
5.12.0-rc2
1
5.12.0-rc3
1
5.12.0-rc4
1
5.12.0-rc5
1
5.12.0-rc6
1
5.14.0
1
5.5.0
1
5.7.0-rc1
1
5.7.0-rc2
1
5.7.0-rc3
1
5.7.0-rc4
1
5.7.0-rc5
1
5.7.0-rc6
1
5.8.0-rc1
1
5.8.0-rc2
1
5.8.0-rc3
1
5.8.0-rc4
1
5.9.0
1
6.0.0
1
6.2.0
1
6.3.0
1
7.2.0
1
7.7.1
1
9.1.0
1
9.3.0
1
9.4.0
1
9.7.0
1
9.8.0
1
9.9.0
1
go/github.com/mattermost/mattermost/server/v8Malicious remote can create/update/delete arbitrary posts in arbitrary channels
7.1
First published (updated )
MattermostMattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.…
8.8
First published (updated )
MattermostReflected client side path traversal leading to CSRF in Playbooks
8.8
First published (updated )
MattermostPlaybook plugin crash via missing interface type assertion
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostParameter tampering in the registration resulting in blocked accounts to be created
8.2
EPSS
0.05%
First published (updated )
MattermostLack of previous password reset tokens on new token creation
8.2
First published (updated )
MattermostDeleted attachments in Boards remain accessible
7.5
First published (updated )
MattermostWebSockets accept connections from HTTPS origin
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
go/github.com/mattermost/mattermost-server/v6Privilege escalation to system admin via personal access tokens
8.8
First published (updated )
MattermostAuthorized users are allowed to install old plugin versions from the Marketplace
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostAn issue was discovered in Mattermost Server before 1.2.0. It allows attackers to cause a denial of …
7.5
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 3.2.0. It mishandles brute-force attempts at pas…
7.5
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. Weak hashing was used f…
7.5
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2, when Single Sign-On OA…
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostAn issue was discovered in Mattermost Server before 3.9.0 when SAML is used. Encryption and signatur…
7.5
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows a bypass of r…
8.8
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2…
8.1
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to …
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostAn issue was discovered in Mattermost Server before 4.5.0, 4.4.5, 4.3.4, and 4.2.2. It allows attack…
7.5
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 5.4.0. It mishandles possession of superfluous a…
7.5
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, and 4.10.5. It allows attacke…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.