mattermost
607 tracked vulnerabilities.
CVE-2018-21254
MEDIUM
Mattermost Server < 5.1.0 - Unauthenticated Access Control Bypass via Message Slash Command
Jun 19, 2020
CVSS 4.3
EPSS 0.01
CVE-2018-21253
MEDIUM
Mattermost Server < 4.10.2, 5.0.2, 5.1 - Incorrect Permission Assignment via Invite People Slash Command
Jun 19, 2020
CVSS 4.3
EPSS 0.01
CVE-2018-21251
CRITICAL
Mattermost Server < 5.2 and < 5.1.1 - Missing Authorization via Channel Name Mismatch
Jun 19, 2020
CVSS 9.8
EPSS 0.01
CVE-2018-21250
MEDIUM
Mattermost Server < 4.10.4 - Denial of Service via Crafted Image Dimensions
Jun 19, 2020
CVSS 6.5
EPSS 0.01
CVE-2018-21249
LOW
Mattermost Server <5.3.0 - Info Disclosure
Jun 19, 2020
CVSS 3.7
EPSS 0.01
CVE-2018-21248
HIGH
Mattermost Server < 5.4.0 - Insufficiently Protected Credentials
Jun 19, 2020
CVSS 7.5
EPSS 0.01
CVE-2017-18921
MEDIUM
Mattermost Server <3.6.0, 3.5.2 - XSS
Jun 19, 2020
CVSS 6.1
EPSS 0.01
CVE-2017-18920
CRITICAL
Mattermost Server < 3.6.2 - Same Origin Policy Bypass via WebSocket Feature
Jun 19, 2020
CVSS 9.8
EPSS 0.01
CVE-2017-18919
MEDIUM
Mattermost Server <3.7.0, 3.6.3 - CSRF
Jun 19, 2020
CVSS 5.3
EPSS 0.01
CVE-2017-18918
MEDIUM
Mattermost Server <3.7.3, <3.6.5 - Path Traversal
Jun 19, 2020
CVSS 4.9
EPSS 0.00
CVE-2017-18917
HIGH
Mattermost Server <3.8.2-3.6.7 - Info Disclosure
Jun 19, 2020
CVSS 7.5
EPSS 0.01
CVE-2017-18916
MEDIUM
Mattermost Server <3.8.2-3.6.7 - Info Disclosure
Jun 19, 2020
CVSS 5.3
EPSS 0.01
CVE-2017-18915
CRITICAL
Mattermost Server <3.8.2-3.6.7 - Privilege Escalation
Jun 19, 2020
CVSS 9.8
EPSS 0.01
CVE-2017-18914
MEDIUM
Mattermost Server <3.8.2-3.6.7 - Open Redirect
Jun 19, 2020
CVSS 5.3
EPSS 0.01
CVE-2017-18913
MEDIUM
Mattermost Server <3.8.2-3.6.7 - XSS
Jun 19, 2020
CVSS 6.1
EPSS 0.01
CVE-2017-18908
CRITICAL
Mattermost Server <4.0.0-3.9.2 - Info Disclosure
Jun 19, 2020
CVSS 9.8
EPSS 0.01
CVE-2017-18907
MEDIUM
Mattermost Server <4.0.0-3.9.2 - XSS
Jun 19, 2020
CVSS 6.1
EPSS 0.01
CVE-2017-18906
HIGH
Mattermost Server <4.0.0-3.9.2 - Auth Bypass
Jun 19, 2020
CVSS 8.1
EPSS 0.01
CVE-2017-18905
MEDIUM
Mattermost Server <4.0.0-3.9.2 - Info Disclosure
Jun 19, 2020
CVSS 5.3
EPSS 0.01
CVE-2017-18912
CRITICAL
Mattermost Server <3.8.2-3.6.7 - Path Traversal
Jun 19, 2020
CVSS 9.8
EPSS 0.01
CVE-2017-18911
CRITICAL
Mattermost Server <3.8.2-3.6.7 - Info Disclosure
Jun 19, 2020
CVSS 9.1
EPSS 0.01
CVE-2017-18910
MEDIUM
Mattermost Server <3.8.2-3.6.7 - Info Disclosure
Jun 19, 2020
CVSS 4.3
EPSS 0.01
CVE-2017-18909
HIGH
Mattermost Server <3.9.0 - Info Disclosure
Jun 19, 2020
CVSS 7.5
EPSS 0.01
CVE-2017-18904
MEDIUM
Mattermost Server <4.0.0-3.9.2 - XSS
Jun 19, 2020
CVSS 6.1
EPSS 0.01
CVE-2017-18903
HIGH
Mattermost Server <4.0.0-3.9.2 - CSRF
Jun 19, 2020
CVSS 8.8
EPSS 0.00
Products
mattermost_server 452
mattermost 250
mattermost-server 212
Mattermost 104
mattermost_desktop 28
mattermost_mobile 20
confluence 14
mattermost-plugin-confluence 14
mattermost-plugin-playbooks 6
mattermost-plugin-github 4
mattermost-plugin-msteams 4
mattermost-plugin-calls 3
mattermost-plugin-jira 3
Focalboard 2
focalboard 2
mattermost-plugin-boards 2
mattermost-plugin-zoom 2
mattermost_boards 2
ms_teams 2
playbooks 2
zoom 2
Mattermost Google Drive Plugin 1
channel_export 1
github.com/mattermost/mattermost/server/public 1
legal_hold 1
mattermost-plugin-channel-export 1
mattermost-plugin-msteams-meetings 1
mattermost_channel_export 1
mattermost_packages 1
mattermost_plugins 1
Quick Filters