CVE-2020-14456

HIGH

Mattermost Desktop < 4.4.0 - Origin Validation Error

Title source: rule

Description

An issue was discovered in Mattermost Desktop App before 4.4.0. The Same Origin Policy is mishandled during access-control decisions for web APIs, aka MMSA-2020-0006.

References (1)

[Vendor Advisory] https://mattermost.com/security-updates/

Scores

CVSS v3 7.3

EPSS 0.0015

EPSS Percentile 35.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Classification

CWE

CWE-346

Status published

Affected Products (1)

mattermost/mattermost_desktop < 4.4.0

Timeline

Published Jun 19, 2020

Tracked Since Feb 18, 2026