Product:

Mattermost_server

(Mattermost)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 206
Date Id Summary Products Score Patch Annotated
2020-06-19 CVE-2017-18907 An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. XSS could occur via a channel header. Mattermost_server N/A
2020-06-19 CVE-2017-18877 An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS attacks could occur against an OAuth 2.0 allow/deny page. Mattermost_server N/A
2020-06-19 CVE-2016-11068 An issue was discovered in Mattermost Server before 3.2.0. Attackers could read LDAP fields via injection. Mattermost_server N/A
2020-06-19 CVE-2016-11067 An issue was discovered in Mattermost Server before 3.2.0. It allowed crafted posts that could cause a web browser to hang. Mattermost_server N/A
2020-06-19 CVE-2016-11066 An issue was discovered in Mattermost Server before 3.2.0. The initial_load API disclosed unnecessary personal information. Mattermost_server N/A
2020-06-19 CVE-2019-20889 An issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, and 4.10.5. It mishandles permissions for user-access token creation. Mattermost_server N/A
2020-06-19 CVE-2019-20886 An issue was discovered in Mattermost Server before 5.8.0. The first user is sometimes inadvertently a system admin. Mattermost_server N/A
2020-06-19 CVE-2019-20882 An issue was discovered in Mattermost Server before 5.8.0. It does not honor the domain requirement when processing a join request for an open team. Mattermost_server N/A
2020-06-19 CVE-2019-20872 An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. SSRF can attack local services. Mattermost_server N/A
2020-06-19 CVE-2019-20871 An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. The Markdown library allows catastrophic backtracking. Mattermost_server N/A