Filter
Software
MattermostAn issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows CSV injectio…
9.8
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to …
9.8
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 5.2 and 5.1.1. Authorization could be bypassed i…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Mattermost Mattermost DesktopAn issue was discovered in Mattermost Desktop App before 4.3.0 on macOS. It allows dylib injection.
9.8
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 3.0.0. A password-reset link could be reused.
9.8
First published (updated )
MattermostAn issue was discovered in Mattermost Packages before 5.16.3. A Droplet could allow Internet access …
9.8
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 3.6.2. The WebSocket feature does not follow the…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostAn issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. After a restart of a se…
9.8
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. A password-reset reque…
9.8
First published (updated )
MattermostClient side path traversal due to lack of route parameters validation
9.8
EPSS
0.09%
First published (updated )
go/github.com/mattermost/mattermost/server/v8Malicious remote can invite itself to an arbitrary local channel
9.6
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. The X.509 certificate v…
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostAn issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2, when serving as an OAut…
9.1
First published (updated )
MattermostOauth authorization codes do not expire when deauthorizing an oauth2 app
9.1
First published (updated )
MattermostMattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.…
8.8
First published (updated )
go/github.com/mattermost/mattermost/server/v8One-click Client-Side Path Traversal Leading to CSRF in User Management admin page
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostAn issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows a bypass of r…
8.8
First published (updated )
MattermostAn issue was discovered in Mattermost Server before 4.7.0, 4.6.2, and 4.5.2. An attacker could authe…
8.8
First published (updated )
Mattermost DesktopAn issue was discovered in Mattermost Desktop App before 4.2.2. It allows attackers to execute arbit…
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MattermostAuthorized users are allowed to install old plugin versions from the Marketplace
8.8
First published (updated )
Mattermost PlaybooksPlaybook members are allowed to escalate their membership privileges and perform actions restricted to playbook admins.
8.8
First published (updated )
go/github.com/mattermost/mattermost-server/v6Privilege escalation to system admin via personal access tokens
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.