mattermost
607 tracked vulnerabilities.
CVE-2023-45223
MEDIUM
Mattermost < 7.8.12, 8.0.0-8.1.3, 7.8.13 - Unauthorized Exposure of User Full Name via Boards Endpoints
Nov 27, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-43754
MEDIUM
Mattermost < 7.8.12 and 9.1.0-9.1.1 - Unauthorized Exposure of Archived Channel Permalink Previews
Nov 27, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-40703
MEDIUM
Mattermost < 7.8.12 and 9.1.0-9.1.1 - Denial of Service via Block Field String Injection
Nov 27, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-35075
LOW
Mattermost < 7.8.12, 8.0.0-8.1.3, 7.8.12-7.8.12 - HTML Injection via Channel Name Autocomplete
Nov 27, 2023
CVSS 3.1
EPSS 0.00
CVE-2023-47865
MEDIUM
Mattermost < 7.8.12, 8.0.0-8.1.3, 7.8.13 - Improper Access Control via Hardened Mode Bypass
Nov 27, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-5969
MEDIUM
Mattermost < 7.8.11, 7.8.12, 8.0.4 - Denial of Service via Redirect Location Caching
Nov 06, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-5968
MEDIUM
Mattermost - Exposure of Sensitive Information via User Object Sanitization Failure
Nov 06, 2023
CVSS 4.9
EPSS 0.01
CVE-2023-5967
MEDIUM
Mattermost < 7.8.11, 7.8.12, 8.0.0-8.0.4 - Denial of Service via Missing User Agent Header
Nov 06, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-5920
LOW
Mattermost Desktop < 5.5.1 - Unauthorized Keyboard Input Exposure via macOS Secure Input Bypass
Nov 02, 2023
CVSS 2.9
EPSS 0.00
CVE-2023-5876
LOW
Mattermost Desktop < 5.5.1 - Denial of Service via Server URL Path RegExp
Nov 02, 2023
CVSS 3.1
EPSS 0.00
CVE-2023-5875
LOW
Mattermost Desktop - Info Disclosure
Nov 02, 2023
CVSS 3.7
EPSS 0.00
CVE-2023-5522
MEDIUM
Mattermost Mobile < 2.8.0 - Denial of Service via Excessive Markdown Elements
Oct 17, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-5339
MEDIUM
Mattermost Desktop < 5.4.0 - Sensitive Information Exposure via Keystroke Logging
Oct 17, 2023
CVSS 4.7
EPSS 0.00
CVE-2023-5333
MEDIUM
Mattermost < 7.8.11 - Denial of Service via User ID Deduplication Bypass
Oct 09, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-5331
MEDIUM
Mattermost < 7.8.11 - Missing Authorization in Draft Post File Attachment
Oct 09, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-5330
MEDIUM
Mattermost < 7.8.11 - Denial of Service via OpenGraph Cache Overflow
Oct 09, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-5160
MEDIUM
Mattermost 7.0.0-7.8.10 - Unauthorized Exposure of Full Names via Team Members Endpoint
Oct 02, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-5196
MEDIUM
Mattermost 7.0.0-7.8.9 and 8.1.0 - Denial of Service via Notification Property Length
Sep 29, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-5195
MEDIUM
Mattermost 7.0.0-7.8.9 and 8.1.0 - Incorrect Authorization in Team Soft Delete
Sep 29, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-5194
LOW
Mattermost 7.0.0-7.8.9 and 8.1.0 - Incorrect Authorization in User Demotion
Sep 29, 2023
CVSS 2.7
EPSS 0.00
CVE-2023-5193
MEDIUM
Mattermost 7.0.0-7.8.9 and 8.1.0 - Incorrect Authorization in Direct Message Post Retrieval
Sep 29, 2023
CVSS 4.9
EPSS 0.00
CVE-2023-5159
LOW
Mattermost 7.0.0-7.8.9 and 8.1.0 - Incorrect Authorization in Bot Management
Sep 29, 2023
CVSS 3.8
EPSS 0.00
CVE-2023-4478
MEDIUM
Mattermost < 7.8.9 - Unauthenticated User Registration Blocking via Signup Parameter Manipulation
Aug 25, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-4108
MEDIUM
Mattermost 7.8.0-7.8.7 - Sensitive Information Disclosure in Audit Logs
Aug 11, 2023
CVSS 4.5
EPSS 0.01
CVE-2023-4107
MEDIUM
Mattermost 7.8.0-7.8.7 - Incorrect Authorization in User Permission Validation
Aug 11, 2023
CVSS 6.7
EPSS 0.00
Products
mattermost_server 451
mattermost 250
mattermost-server 212
Mattermost 104
mattermost_desktop 28
mattermost_mobile 20
confluence 14
mattermost-plugin-confluence 14
mattermost-plugin-playbooks 6
mattermost-plugin-github 4
mattermost-plugin-msteams 4
mattermost-plugin-calls 3
mattermost-plugin-jira 3
Focalboard 2
focalboard 2
mattermost-plugin-boards 2
mattermost-plugin-zoom 2
mattermost_boards 2
ms_teams 2
playbooks 2
zoom 2
Mattermost Google Drive Plugin 1
channel_export 1
github.com/mattermost/mattermost/server/public 1
legal_hold 1
mattermost-plugin-channel-export 1
mattermost-plugin-msteams-meetings 1
mattermost_channel_export 1
mattermost_packages 1
mattermost_plugins 1
Quick Filters