mattermost
576 tracked vulnerabilities.
CVE-2023-5968
MEDIUM
Mattermost - Exposure of Sensitive Information via User Object Sanitization Failure
Nov 06, 2023
CVSS 4.9
EPSS 0.00
CVE-2023-5967
MEDIUM
Mattermost < 7.8.11, 7.8.12, 8.0.0-8.0.4 - Denial of Service via Missing User Agent Header
Nov 06, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-5920
LOW
Mattermost Desktop < 5.5.1 - Unauthorized Keyboard Input Exposure via macOS Secure Input Bypass
Nov 02, 2023
CVSS 2.9
EPSS 0.00
CVE-2023-5876
LOW
Mattermost Desktop < 5.5.1 - Denial of Service via Server URL Path RegExp
Nov 02, 2023
CVSS 3.1
EPSS 0.00
CVE-2023-5875
LOW
Mattermost Desktop - Info Disclosure
Nov 02, 2023
CVSS 3.7
EPSS 0.00
CVE-2023-5522
MEDIUM
Mattermost Mobile < 2.8.0 - Denial of Service via Excessive Markdown Elements
Oct 17, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-5339
MEDIUM
Mattermost Desktop < 5.4.0 - Sensitive Information Exposure via Keystroke Logging
Oct 17, 2023
CVSS 4.7
EPSS 0.00
CVE-2023-5333
MEDIUM
Mattermost < 7.8.11 - Denial of Service via User ID Deduplication Bypass
Oct 09, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-5331
MEDIUM
Mattermost < 7.8.11 - Missing Authorization in Draft Post File Attachment
Oct 09, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-5330
MEDIUM
Mattermost < 7.8.11 - Denial of Service via OpenGraph Cache Overflow
Oct 09, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-5160
MEDIUM
Mattermost 7.0.0-7.8.10 - Unauthorized Exposure of Full Names via Team Members Endpoint
Oct 02, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-5196
MEDIUM
Mattermost 7.0.0-7.8.9 and 8.1.0 - Denial of Service via Notification Property Length
Sep 29, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-5195
MEDIUM
Mattermost 7.0.0-7.8.9 and 8.1.0 - Incorrect Authorization in Team Soft Delete
Sep 29, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-5194
LOW
Mattermost 7.0.0-7.8.9 and 8.1.0 - Incorrect Authorization in User Demotion
Sep 29, 2023
CVSS 2.7
EPSS 0.00
CVE-2023-5193
MEDIUM
Mattermost 7.0.0-7.8.9 and 8.1.0 - Incorrect Authorization in Direct Message Post Retrieval
Sep 29, 2023
CVSS 4.9
EPSS 0.00
CVE-2023-5159
LOW
Mattermost 7.0.0-7.8.9 and 8.1.0 - Incorrect Authorization in Bot Management
Sep 29, 2023
CVSS 3.8
EPSS 0.00
CVE-2023-4478
MEDIUM
Mattermost < 7.8.9 - Unauthenticated User Registration Blocking via Signup Parameter Manipulation
Aug 25, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-4108
MEDIUM
Mattermost 7.8.0-7.8.7 - Sensitive Information Disclosure in Audit Logs
Aug 11, 2023
CVSS 4.5
EPSS 0.00
CVE-2023-4107
MEDIUM
Mattermost 7.8.0-7.8.7 - Incorrect Authorization in User Permission Validation
Aug 11, 2023
CVSS 6.7
EPSS 0.00
CVE-2023-4106
MEDIUM
Mattermost 7.8.0-7.8.7 and 7.9.0-7.9.5 - Missing Authorization for Public Playbook Actions
Aug 11, 2023
CVSS 6.3
EPSS 0.00
CVE-2023-4105
LOW
Mattermost 7.8.0-7.8.7 and 7.9.0-7.9.5 - Missing Authorization for Deleted Message Attachments
Aug 11, 2023
CVSS 3.1
EPSS 0.00
CVE-2023-3615
HIGH
Mattermost iOS - SSL/TLS Info Disclosure
Jul 17, 2023
CVSS 8.1
EPSS 0.00
CVE-2023-3614
MEDIUM
Mattermost < 7.8.7 - Denial of Service via Malicious GIF Image File
Jul 17, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-3613
LOW
Mattermost WelcomeBot - Privilege Escalation
Jul 17, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-3593
MEDIUM
Mattermost 7.8.0-7.8.6 - Denial of Service via Markdown Input
Jul 17, 2023
CVSS 4.3
EPSS 0.00
Products
mattermost_server 412
mattermost 233
mattermost-server 186
Mattermost 75
mattermost_desktop 23
mattermost_mobile 20
confluence 14
mattermost-plugin-confluence 14
mattermost-plugin-msteams 4
mattermost-plugin-playbooks 4
mattermost-plugin-jira 3
Focalboard 2
focalboard 2
mattermost-plugin-boards 2
mattermost-plugin-calls 2
mattermost-plugin-zoom 2
mattermost_boards 2
ms_teams 2
playbooks 2
zoom 2
channel_export 1
mattermost-plugin-channel-export 1
mattermost-plugin-github 1
mattermost_channel_export 1
mattermost_packages 1
mattermost_plugins 1