Product:

Mattermost_server

(Mattermost)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 212
Date Id Summary Products Score Patch Annotated
2020-06-19 CVE-2019-20886 An issue was discovered in Mattermost Server before 5.8.0. The first user is sometimes inadvertently a system admin. Mattermost_server N/A
2020-06-19 CVE-2019-20882 An issue was discovered in Mattermost Server before 5.8.0. It does not honor the domain requirement when processing a join request for an open team. Mattermost_server N/A
2020-06-19 CVE-2019-20872 An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. SSRF can attack local services. Mattermost_server N/A
2020-06-19 CVE-2019-20871 An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. The Markdown library allows catastrophic backtracking. Mattermost_server N/A
2020-06-19 CVE-2019-20870 An issue was discovered in Mattermost Server before 5.10.0. An attacker can bypass the intended appearance of the Edited flag after changing a post's file ID. Mattermost_server N/A
2020-06-19 CVE-2019-20868 An issue was discovered in Mattermost Server before 5.11.0. Invite IDs were improperly generated. Mattermost_server N/A
2020-06-19 CVE-2019-20865 An issue was discovered in Mattermost Server before 5.12.0, 5.11.1, 5.10.2, 5.9.2, and 4.10.10. The login page allows CSRF. Mattermost_server N/A
2020-06-19 CVE-2019-20862 An issue was discovered in Mattermost Server before 5.13.0. Non-members may fetch a team's slash commands. Mattermost_server N/A
2020-06-19 CVE-2019-20858 An issue was discovered in Mattermost Server before 5.15.0. It allows attackers to cause a denial of service (CPU consumption) via crafted characters in a SQL LIKE clause to an APIv4 endpoint. Mattermost_server N/A
2020-06-19 CVE-2019-20857 An issue was discovered in Mattermost Server before 5.16.0. It allows attackers to cause a denial of service (markdown renderer hang) via many backtick characters. Mattermost_server N/A