Product:

Mattermost_server

(Mattermost)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 206
Date Id Summary Products Score Patch Annotated
2020-06-19 CVE-2016-11077 An issue was discovered in Mattermost Server before 3.0.0. It has a superfluous API in which the System Admin can change the account name and e-mail address of an LDAP account. Mattermost_server N/A
2020-06-19 CVE-2016-11075 An issue was discovered in Mattermost Server before 3.0.0. It allows attackers to obtain sensitive information about team URLs via an API. Mattermost_server N/A
2020-06-19 CVE-2016-11073 An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a Legal or Support setting. Mattermost_server N/A
2020-06-19 CVE-2016-11071 An issue was discovered in Mattermost Server before 3.1.0. It allows XSS because the noreferrer and noopener protection mechanisms were not in place. Mattermost_server N/A
2020-06-19 CVE-2016-11070 An issue was discovered in Mattermost Server before 3.1.0. It allows XSS via theme color-code values. Mattermost_server N/A
2020-06-19 CVE-2016-11063 An issue was discovered in Mattermost Server before 3.5.1. XSS can occur via file preview. Mattermost_server N/A
2020-06-19 CVE-2015-9548 An issue was discovered in Mattermost Server before 1.2.0. It allows attackers to cause a denial of service (memory consumption) via a small compressed file that has a large size when uncompressed. Mattermost_server N/A
2020-06-19 CVE-2018-21248 An issue was discovered in Mattermost Server before 5.4.0. It mishandles possession of superfluous authentication credentials. Mattermost_server N/A
2020-06-19 CVE-2017-18921 An issue was discovered in Mattermost Server before 3.6.0 and 3.5.2. XSS can occur via a link on an error page. Mattermost_server N/A
2020-06-19 CVE-2017-18913 An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. XSS can occur via a link on an error page. Mattermost_server N/A