Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mattermost_server
(Mattermost)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 215 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-06-19 | CVE-2016-11066 | An issue was discovered in Mattermost Server before 3.2.0. The initial_load API disclosed unnecessary personal information. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2019-20889 | An issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, and 4.10.5. It mishandles permissions for user-access token creation. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2019-20886 | An issue was discovered in Mattermost Server before 5.8.0. The first user is sometimes inadvertently a system admin. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2019-20882 | An issue was discovered in Mattermost Server before 5.8.0. It does not honor the domain requirement when processing a join request for an open team. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2019-20872 | An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. SSRF can attack local services. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2019-20871 | An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. The Markdown library allows catastrophic backtracking. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2019-20870 | An issue was discovered in Mattermost Server before 5.10.0. An attacker can bypass the intended appearance of the Edited flag after changing a post's file ID. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2019-20868 | An issue was discovered in Mattermost Server before 5.11.0. Invite IDs were improperly generated. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2019-20865 | An issue was discovered in Mattermost Server before 5.12.0, 5.11.1, 5.10.2, 5.9.2, and 4.10.10. The login page allows CSRF. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2019-20862 | An issue was discovered in Mattermost Server before 5.13.0. Non-members may fetch a team's slash commands. | Mattermost_server | N/A |