mattermost

607 tracked vulnerabilities.

CVE-2018-21254 MEDIUM
Mattermost Server < 5.1.0 - Unauthenticated Access Control Bypass via Message Slash Command
Jun 19, 2020
CVSS 4.3
EPSS 0.01
CVE-2018-21253 MEDIUM
Mattermost Server < 4.10.2, 5.0.2, 5.1 - Incorrect Permission Assignment via Invite People Slash Command
Jun 19, 2020
CVSS 4.3
EPSS 0.01
CVE-2018-21251 CRITICAL
Mattermost Server < 5.2 and < 5.1.1 - Missing Authorization via Channel Name Mismatch
Jun 19, 2020
CVSS 9.8
EPSS 0.01
CVE-2018-21250 MEDIUM
Mattermost Server < 4.10.4 - Denial of Service via Crafted Image Dimensions
Jun 19, 2020
CVSS 6.5
EPSS 0.01
CVE-2018-21249 LOW
Mattermost Server <5.3.0 - Info Disclosure
Jun 19, 2020
CVSS 3.7
EPSS 0.01
CVE-2018-21248 HIGH
Mattermost Server < 5.4.0 - Insufficiently Protected Credentials
Jun 19, 2020
CVSS 7.5
EPSS 0.01
CVE-2017-18921 MEDIUM
Mattermost Server <3.6.0, 3.5.2 - XSS
Jun 19, 2020
CVSS 6.1
EPSS 0.01
CVE-2017-18920 CRITICAL
Mattermost Server < 3.6.2 - Same Origin Policy Bypass via WebSocket Feature
Jun 19, 2020
CVSS 9.8
EPSS 0.01
CVE-2017-18919 MEDIUM
Mattermost Server <3.7.0, 3.6.3 - CSRF
Jun 19, 2020
CVSS 5.3
EPSS 0.01
CVE-2017-18918 MEDIUM
Mattermost Server <3.7.3, <3.6.5 - Path Traversal
Jun 19, 2020
CVSS 4.9
EPSS 0.00
CVE-2017-18917 HIGH
Mattermost Server <3.8.2-3.6.7 - Info Disclosure
Jun 19, 2020
CVSS 7.5
EPSS 0.01
CVE-2017-18916 MEDIUM
Mattermost Server <3.8.2-3.6.7 - Info Disclosure
Jun 19, 2020
CVSS 5.3
EPSS 0.01
CVE-2017-18915 CRITICAL
Mattermost Server <3.8.2-3.6.7 - Privilege Escalation
Jun 19, 2020
CVSS 9.8
EPSS 0.01
CVE-2017-18914 MEDIUM
Mattermost Server <3.8.2-3.6.7 - Open Redirect
Jun 19, 2020
CVSS 5.3
EPSS 0.01
CVE-2017-18913 MEDIUM
Mattermost Server <3.8.2-3.6.7 - XSS
Jun 19, 2020
CVSS 6.1
EPSS 0.01
CVE-2017-18908 CRITICAL
Mattermost Server <4.0.0-3.9.2 - Info Disclosure
Jun 19, 2020
CVSS 9.8
EPSS 0.01
CVE-2017-18907 MEDIUM
Mattermost Server <4.0.0-3.9.2 - XSS
Jun 19, 2020
CVSS 6.1
EPSS 0.01
CVE-2017-18906 HIGH
Mattermost Server <4.0.0-3.9.2 - Auth Bypass
Jun 19, 2020
CVSS 8.1
EPSS 0.01
CVE-2017-18905 MEDIUM
Mattermost Server <4.0.0-3.9.2 - Info Disclosure
Jun 19, 2020
CVSS 5.3
EPSS 0.01
CVE-2017-18912 CRITICAL
Mattermost Server <3.8.2-3.6.7 - Path Traversal
Jun 19, 2020
CVSS 9.8
EPSS 0.01
CVE-2017-18911 CRITICAL
Mattermost Server <3.8.2-3.6.7 - Info Disclosure
Jun 19, 2020
CVSS 9.1
EPSS 0.01
CVE-2017-18910 MEDIUM
Mattermost Server <3.8.2-3.6.7 - Info Disclosure
Jun 19, 2020
CVSS 4.3
EPSS 0.01
CVE-2017-18909 HIGH
Mattermost Server <3.9.0 - Info Disclosure
Jun 19, 2020
CVSS 7.5
EPSS 0.01
CVE-2017-18904 MEDIUM
Mattermost Server <4.0.0-3.9.2 - XSS
Jun 19, 2020
CVSS 6.1
EPSS 0.01
CVE-2017-18903 HIGH
Mattermost Server <4.0.0-3.9.2 - CSRF
Jun 19, 2020
CVSS 8.8
EPSS 0.00