Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mattermost_server
(Mattermost)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 215 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-06-19 | CVE-2016-11083 | An issue was discovered in Mattermost Server before 2.2.0. It allows XSS because it configures files to be opened in a browser window. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2016-11082 | An issue was discovered in Mattermost Server before 2.2.0. It allows XSS via a crafted link. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2016-11081 | An issue was discovered in Mattermost Server before 2.2.0. It allows unintended access to information stored by a web browser. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2016-11080 | An issue was discovered in Mattermost Server before 3.0.0. It offers superfluous APIs for a Team Administrator to view account details. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2016-11079 | An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a redirect URL. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2016-11078 | An issue was discovered in Mattermost Server before 3.0.0. It potentially allows attackers to obtain sensitive information (credential fields within config.json) via the System Console UI. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2016-11077 | An issue was discovered in Mattermost Server before 3.0.0. It has a superfluous API in which the System Admin can change the account name and e-mail address of an LDAP account. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2016-11075 | An issue was discovered in Mattermost Server before 3.0.0. It allows attackers to obtain sensitive information about team URLs via an API. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2016-11073 | An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a Legal or Support setting. | Mattermost_server | N/A | ||
2020-06-19 | CVE-2016-11071 | An issue was discovered in Mattermost Server before 3.1.0. It allows XSS because the noreferrer and noopener protection mechanisms were not in place. | Mattermost_server | N/A |