Filter
AND
Versions
9.5.0
19
4.2.0
18
4.3.0-rc1
18
4.3.0-rc2
18
4.3.0-rc3
18
4.3.0-rc4
18
8.1.0
15
9.2.0
15
5.7.0
14
5.8.0
11
7.10.0
11
7.8.0
11
7.9.0
11
8.0.0
11
9.0.0
11
4.1.0
10
5.9.0-rc1
10
5.9.0-rc2
10
5.9.0-rc3
10
5.9.0-rc4
10
3.7.0
9
4.2.0-rc1
9
4.2.0-rc2
9
4.2.0-rc3
9
4.2.0-rc4
9
9.3.0
9
9.4.0
9
3.8.0
8
8.1.5
8
9.9.0
8
9.2.1
7
3.10.0
6
5.16.0
6
9.10.0
6
9.11.0
6
5.15.0
5
5.17.0
5
5.6.0
5
6.4.0
5
7.8.14
5
9.0.3
5
9.1.1
5
9.1.2
5
9.8.0
5
4.6.0
4
5.0.0
4
5.18.0-rc1
4
5.18.0-rc2
4
5.18.0-rc3
4
5.18.0-rc4
4
6.2.0
4
6.3.0
4
7.7.1
4
8.1.7
4
9.1.0
4
3.6.0
3
4.0.0
3
4.4.0
3
5.12.0
3
5.5.0
3
6.6.0
3
9.7.0
3
10.0.0
2
10.0.0-rc1
2
10.0.0-rc2
2
10.0.0-rc3
2
10.0.0-rc4
2
4.10.0
2
4.5.0-rc1
2
4.5.0-rc2
2
4.5.0-rc3
2
4.5.0-rc4
2
4.7.0
2
4.7.0-rc1
2
4.7.0-rc2
2
4.7.0-rc3
2
4.7.0-rc4
2
4.8.0
2
5.1.0
2
5.2.0-rc1
2
5.2.0-rc2
2
5.2.0-rc3
2
5.2.0-rc4
2
5.2.0-rc5
2
5.2.0-rc6
2
5.37.0
2
5.7.0-rc1
2
5.7.0-rc2
2
5.7.0-rc3
2
5.7.0-rc4
2
5.7.0-rc5
2
5.7.0-rc6
2
5.8.0-rc1
2
5.8.0-rc2
2
5.8.0-rc3
2
5.8.0-rc4
2
5.9.0
2
6.0
2
6.0.0
2
6.7.0
2
9.11.0-rc1
2
9.11.0-rc2
2
9.11.0-rc3
2
4.3.0
1
4.9.0
1
5.1.0-rc1
1
5.1.0-rc2
1
5.1.0-rc3
1
5.1.0-rc4
1
5.10.0
1
5.10.0-rc1
1
5.10.0-rc2
1
5.10.0-rc3
1
5.10.0-rc4
1
5.10.0-rc5
1
5.10.0-rc6
1
5.11.0
1
5.12.0-rc1
1
5.12.0-rc2
1
5.12.0-rc3
1
5.12.0-rc4
1
5.12.0-rc5
1
5.12.0-rc6
1
5.13.0
1
5.14.0
1
5.14.0-rc1
1
5.14.0-rc2
1
5.14.0-rc3
1
5.14.0-rc4
1
5.14.0-rc5
1
5.18.0
1
5.19.0-rc1
1
5.19.0-rc2
1
5.19.0-rc3
1
5.2.0
1
5.32.0
1
6.5.0
1
6.6.1
1
7.2.0
1
9.1.4
1
9.10.2
1
9.11.1
1
9.2.3
1
9.3.0-rc1
1
9.3.0-rc2
1
9.5.9
1
MattermostAn issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows CSV injectio…
9.8
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to …
9.8
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 5.2 and 5.1.1. Authorization could be bypassed i…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostAn issue was discovered in Mattermost Server before 3.0.0. A password-reset link could be reused.
9.8
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 3.6.2. The WebSocket feature does not follow the…
9.8
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. After a restart of a se…
9.8
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. A password-reset reque…
9.8
First published (updated )
MattermostClient side path traversal due to lack of route parameters validation
9.8
EPSS
0.09%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostAn issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. The X.509 certificate v…
9.1
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2, when serving as an OAut…
9.1
First published (updated )
MattermostMattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.…
8.8
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows a bypass of r…
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostAn issue was discovered in Mattermost Server before 4.7.0, 4.6.2, and 4.5.2. An attacker could authe…
8.8
First published (updated )
MattermostAuthorized users are allowed to install old plugin versions from the Marketplace
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
go/github.com/mattermost/mattermost-server/v6Privilege escalation to system admin via personal access tokens
8.8
First published (updated )
MattermostReflected client side path traversal leading to CSRF in Playbooks
8.8
First published (updated )
MattermostLack of previous password reset tokens on new token creation
8.2
First published (updated )
MattermostParameter tampering in the registration resulting in blocked accounts to be created
8.2
EPSS
0.05%
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2…
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostWebSockets accept connections from HTTPS origin
8.1
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2, when Single Sign-On OA…
8.1
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to …
8.1
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 3.2.0. It mishandles brute-force attempts at pas…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.