mattermost
576 tracked vulnerabilities.
CVE-2017-18871
HIGH
Mattermost Server <4.5.0-4.2.2 - DoS
Jun 19, 2020
CVSS 7.5
EPSS 0.00
CVE-2017-18870
MEDIUM
Mattermost Server <4.5.0-4.3.4 - Info Disclosure
Jun 19, 2020
CVSS 4.3
EPSS 0.00
CVE-2016-11084
MEDIUM
Mattermost Server < 2.1.0 - Cross-Site Scripting via CSRF
Jun 19, 2020
CVSS 6.1
EPSS 0.00
CVE-2016-11083
MEDIUM
Mattermost Server < 2.2.0 - Cross-Site Scripting via Browser Window File Handling
Jun 19, 2020
CVSS 6.1
EPSS 0.00
CVE-2016-11082
MEDIUM
Mattermost Server < 2.2.0 - Cross-Site Scripting via Crafted Link
Jun 19, 2020
CVSS 6.1
EPSS 0.00
CVE-2016-11081
MEDIUM
Mattermost Server < 2.2.0 - Unintended Browser Information Exposure
Jun 19, 2020
CVSS 4.3
EPSS 0.00
CVE-2016-11080
MEDIUM
Mattermost Server < 3.0.0 - Unauthorized Account Details Exposure via Team Administrator API
Jun 19, 2020
CVSS 4.3
EPSS 0.00
CVE-2016-11079
MEDIUM
Mattermost Server < 3.0.0 - Cross-Site Scripting via Redirect URL
Jun 19, 2020
CVSS 6.1
EPSS 0.00
CVE-2016-11078
MEDIUM
Mattermost Server < 3.0.0 - Unauthenticated Exposure of Sensitive Information via System Console UI
Jun 19, 2020
CVSS 6.5
EPSS 0.00
CVE-2016-11077
LOW
Mattermost Server < 3.0.0 - Unauthorized LDAP Account Modification via API
Jun 19, 2020
CVSS 2.7
EPSS 0.00
CVE-2016-11076
MEDIUM
Mattermost Server < 3.0.0 - Improper Certificate Validation
Jun 19, 2020
CVSS 5.3
EPSS 0.00
CVE-2016-11075
MEDIUM
Mattermost Server < 3.0.0 - Unauthorized Sensitive Information Exposure via API
Jun 19, 2020
CVSS 5.3
EPSS 0.00
CVE-2016-11074
CRITICAL
Mattermost Server < 3.0.0 - Improper Authentication via Password Reset Link Reuse
Jun 19, 2020
CVSS 9.8
EPSS 0.00
CVE-2016-11073
MEDIUM
Mattermost Server < 3.0.0 - Stored Cross-Site Scripting via Legal or Support Setting
Jun 19, 2020
CVSS 6.1
EPSS 0.00
CVE-2016-11072
MEDIUM
Mattermost Server < 3.0.2 - Improper Authentication via Session ID and Token Mishandling
Jun 19, 2020
CVSS 6.5
EPSS 0.00
CVE-2016-11071
MEDIUM
Mattermost Server < 3.1.0 - Cross-Site Scripting via Missing noopener/noreferrer
Jun 19, 2020
CVSS 6.1
EPSS 0.00
CVE-2016-11070
MEDIUM
Mattermost Server < 3.1.0 - Stored Cross-Site Scripting via Theme Color-Code Values
Jun 19, 2020
CVSS 5.4
EPSS 0.00
CVE-2016-11069
HIGH
Mattermost Server <3.2.0 - Info Disclosure
Jun 19, 2020
CVSS 7.5
EPSS 0.00
CVE-2016-11068
MEDIUM
Mattermost Server < 3.2.0 - LDAP Field Injection
Jun 19, 2020
CVSS 5.3
EPSS 0.00
CVE-2016-11067
MEDIUM
Mattermost Server < 3.2.0 - Denial of Service via Crafted Posts
Jun 19, 2020
CVSS 5.3
EPSS 0.00
CVE-2016-11066
HIGH
Mattermost Server < 3.2.0 - Exposure of Sensitive Information via Initial Load API
Jun 19, 2020
CVSS 7.5
EPSS 0.00
CVE-2016-11065
MEDIUM
Mattermost Server < 3.3.0 - Unauthenticated WebSocket Message Spoofing
Jun 19, 2020
CVSS 4.3
EPSS 0.00
CVE-2016-11064
CRITICAL
Mattermost Desktop App < 3.4.0 - Remote Code Execution via String Injection
Jun 19, 2020
CVSS 9.8
EPSS 0.01
CVE-2016-11063
MEDIUM
Mattermost Server < 3.5.1 - Cross-Site Scripting via File Preview
Jun 19, 2020
CVSS 6.1
EPSS 0.00
CVE-2016-11062
MEDIUM
Mattermost Server < 3.5.1 - Email Verification Bypass
Jun 19, 2020
CVSS 5.3
EPSS 0.00
Products
mattermost_server 412
mattermost 233
mattermost-server 186
Mattermost 75
mattermost_desktop 23
mattermost_mobile 20
confluence 14
mattermost-plugin-confluence 14
mattermost-plugin-msteams 4
mattermost-plugin-playbooks 4
mattermost-plugin-jira 3
Focalboard 2
focalboard 2
mattermost-plugin-boards 2
mattermost-plugin-calls 2
mattermost-plugin-zoom 2
mattermost_boards 2
ms_teams 2
playbooks 2
zoom 2
channel_export 1
mattermost-plugin-channel-export 1
mattermost-plugin-github 1
mattermost_channel_export 1
mattermost_packages 1
mattermost_plugins 1