Product:

Mattermost_server

(Mattermost)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 215
Date Id Summary Products Score Patch Annotated
2020-06-19 CVE-2017-18902 An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows attackers to discover team invite IDs via team API endpoints. Mattermost_server N/A
2020-06-19 CVE-2017-18893 An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. Display names allow XSS. Mattermost_server N/A
2020-06-19 CVE-2016-11083 An issue was discovered in Mattermost Server before 2.2.0. It allows XSS because it configures files to be opened in a browser window. Mattermost_server N/A
2020-06-19 CVE-2016-11082 An issue was discovered in Mattermost Server before 2.2.0. It allows XSS via a crafted link. Mattermost_server N/A
2020-06-19 CVE-2016-11081 An issue was discovered in Mattermost Server before 2.2.0. It allows unintended access to information stored by a web browser. Mattermost_server N/A
2020-06-19 CVE-2016-11080 An issue was discovered in Mattermost Server before 3.0.0. It offers superfluous APIs for a Team Administrator to view account details. Mattermost_server N/A
2020-06-19 CVE-2016-11079 An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a redirect URL. Mattermost_server N/A
2020-06-19 CVE-2016-11078 An issue was discovered in Mattermost Server before 3.0.0. It potentially allows attackers to obtain sensitive information (credential fields within config.json) via the System Console UI. Mattermost_server N/A
2020-06-19 CVE-2016-11077 An issue was discovered in Mattermost Server before 3.0.0. It has a superfluous API in which the System Admin can change the account name and e-mail address of an LDAP account. Mattermost_server N/A
2020-06-19 CVE-2016-11075 An issue was discovered in Mattermost Server before 3.0.0. It allows attackers to obtain sensitive information about team URLs via an API. Mattermost_server N/A