Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / mattermost

mattermost

576 tracked vulnerabilities.

CVE-2022-1337 MEDIUM

Mattermost Server < 6.4.2 - Authenticated Denial of Service via Image Proxy Memory Allocation

CVE-2022-1333 LOW

Mattermost Playbooks < 1.24.0 - Authenticated Denial of Service via Webhook Limit Bypass

CVE-2022-1332 MEDIUM

Mattermost Server 5.37.0-5.37.8 and 6.4.0-6.4.1 - Authenticated Privilege Escalation via API

CVE-2022-1003 LOW

Mattermost <6.3.0 - Privilege Escalation

CVE-2022-1002 LOW

Mattermost < 6.4.0 - Cross-Site Scripting via Guest User Email Invitation

CVE-2022-0904 MEDIUM

Mattermost Server <= 6.3.2 - Denial of Service via Malicious Apple Pages Document

CVE-2022-0903 MEDIUM

Mattermost Server <= 6.3.2 - Denial of Service via SAML Login POST Body

CVE-2022-0708 MEDIUM

Mattermost <6.3.0 - Info Disclosure

CVE-2021-37867 MEDIUM

Mattermost Boards < 0.10.0 - Authenticated Sensitive Information Exposure via API

CVE-2021-37866 MEDIUM

Mattermost Boards < 0.10.0 - Insufficient Session Expiration

CVE-2021-37865 MEDIUM

Mattermost < 6.2.0 - Authenticated Denial of Service via Crafted GIF File Upload

CVE-2021-37864 LOW

Mattermost < 6.1 - Authenticated Improper Access Control via Archived Channel API

CVE-2021-37863 LOW

Mattermost < 6.0 - Authenticated Denial of Service via Malicious Post Creation

CVE-2021-37862 LOW

Mattermost < 6.0 - Email Address Spoofing via Crafted Invitation Token

CVE-2021-37861 MEDIUM

Mattermost < 6.0.2 - Password Exposure in Audit Logs

CVE-2021-37860 LOW

Mattermost < 5.38 - Stored Cross-Site Scripting via Clipboard Content

CVE-2021-37859 HIGH

Mattermost 5.32.0-5.34.5 - Reflected Cross-Site Scripting Bypass in OAuth Flow

CVE-2020-13891 HIGH

Mattermost Mobile Apps <1.31.2 - Open Redirect

CVE-2020-14460 MEDIUM

Mattermost Server <5.19.0 - Privilege Escalation

CVE-2020-14459 HIGH

Mattermost Server < 5.19.0 - Channel Rename Collision with Direct Message

CVE-2020-14458 HIGH

Mattermost Server <5.19.0 - Info Disclosure

CVE-2020-14457 MEDIUM

Mattermost Server <5.20.0 - Info Disclosure

CVE-2020-14456 HIGH

Mattermost Desktop App < 4.4.0 - Origin Validation Error

CVE-2020-14455 MEDIUM

Mattermost Desktop App < 4.4.0 - Improper Authentication via HTTP Basic Auth Prompt

CVE-2020-14454 MEDIUM

Mattermost Desktop App < 4.4.0 - Open Redirect via Server Redirection Mishandling

Previous Page 17 of 24 Next

Products

mattermost_server 412 mattermost 233 mattermost-server 186 Mattermost 75 mattermost_desktop 23 mattermost_mobile 20 confluence 14 mattermost-plugin-confluence 14 mattermost-plugin-msteams 4 mattermost-plugin-playbooks 4 mattermost-plugin-jira 3 Focalboard 2 focalboard 2 mattermost-plugin-boards 2 mattermost-plugin-calls 2 mattermost-plugin-zoom 2 mattermost_boards 2 ms_teams 2 playbooks 2 zoom 2 channel_export 1 mattermost-plugin-channel-export 1 mattermost-plugin-github 1 mattermost_channel_export 1 mattermost_packages 1 mattermost_plugins 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy