Product:

Mattermost_server

(Mattermost)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 215
Date Id Summary Products Score Patch Annotated
2020-06-19 CVE-2016-11069 An issue was discovered in Mattermost Server before 3.2.0. It mishandles brute-force attempts at password change. Mattermost_server N/A
2020-06-19 CVE-2016-11065 An issue was discovered in Mattermost Server before 3.3.0. An attacker could use the WebSocket feature to send pop-up messages to users or change a post's appearance. Mattermost_server N/A
2020-06-19 CVE-2016-11062 An issue was discovered in Mattermost Server before 3.5.1. E-mail address verification can be bypassed. Mattermost_server N/A
2020-06-19 CVE-2019-20847 An issue was discovered in Mattermost Server before 5.18.0. An attacker can send a user_typing WebSocket event to any channel. Mattermost_server N/A
2020-06-19 CVE-2018-21263 An issue was discovered in Mattermost Server before 4.7.0, 4.6.2, and 4.5.2. An attacker could authenticate to a different user's account via a crafted SAML response. Mattermost_server N/A
2020-06-19 CVE-2018-21260 An issue was discovered in Mattermost Server before 4.8.1, 4.7.4, and 4.6.3. WebSocket events were accidentally sent during certain user-management operations, violating user privacy. Mattermost_server N/A
2020-06-19 CVE-2017-18919 An issue was discovered in Mattermost Server before 3.7.0 and 3.6.3. Attackers can use the API for unauthenticated team creation. Mattermost_server N/A
2020-06-19 CVE-2017-18916 An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. API endpoint access control does not honor an integration permission restriction. Mattermost_server N/A
2020-06-19 CVE-2017-18915 An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. After a restart of a server, an attacker might suddenly gain API Endpoint access. Mattermost_server N/A
2020-06-19 CVE-2017-18914 An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. An external link can occur on an error page even if it is not on an allowlist. Mattermost_server N/A