Mattermost Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by Mattermost
| CVE | Vendor | Product | Score | Severity | Title |
|---|---|---|---|---|---|
| CVE-2024-11599 | Mattermost | Mattermost | 8.2 | HIGH | Email Address Validation Vulnerability Affects Mattermost Versions |
| CVE-2024-39613 | Mattermost | Mattermost | 7.8 | HIGH | Remote Code Execution Vulnerability in Mattermost Desktop App |
| CVE-2024-8071 | Mattermost | Mattermost | 7.2 | HIGH | Mattermost vulnerable to role promotion exploit |
| CVE-2024-40886 | Mattermost | Mattermost | 8.8 | HIGH | Mattermost vulnerability allows for one-click client-side path traversal and CSRF |
| CVE-2024-39777 | Mattermost | Mattermost | 9.6 | CRITICAL | Unsolicited Invite Vulnerability in Mattermost Product |
| CVE-2024-39832 | Mattermost | Mattermost | 8.7 | HIGH | Permanently local data deletion by malicious remote |
| CVE-2024-41144 | Mattermost | Mattermost | 7.1 | HIGH | Malicious remote can create/update/delete arbitrary posts in arbitrary channels |
| CVE-2024-2450 | Mattermost | Mattermost | 8.8 | HIGH | Mattermost Authentication Bypass Vulnerability |
| CVE-2023-7114 | Mattermost | Mattermost | 7.1 | HIGH | Cross-Site Request Forgery Vulnerability in Mattermost by Mattermost |
| CVE-2023-45316 | Mattermost | Mattermost | 7.3 | HIGH | Reflected client side path traversal leading to CSRF in Playbooks |
| CVE-2023-6458 | Mattermost | Mattermost | 7.1 | HIGH | Client side path traversal due to lack of route parameters validation |
| CVE-2023-40703 | Mattermost | Mattermost | 7.5 | HIGH | Denial of Service via specially crafted block fields in Mattermost Boards |
| CVE-2023-5330 | Mattermost | Mattermost | 7.5 | HIGH | Denial of Service via Opengraph Data Cache |
| CVE-2023-3615 | Mattermost | Mattermost iOS App | 8.1 | HIGH | Lack of server certificate validation in websockets connection |
| CVE-2023-2514 | Mattermost | Mattermost | 7.5 | HIGH | DB username/password revealed in application logs |
| CVE-2023-2515 | Mattermost | Mattermost | 8.8 | HIGH | Privilege escalation to system admin via personal access tokens |
| CVE-2023-2193 | Mattermost | Mattermost | 9.1 | CRITICAL | Oauth authorization codes do not expire when deauthorizing an oauth2 app |
| CVE-2023-1831 | Mattermost | Mattermost | 7.5 | HIGH | User password logged in audit logs |
| CVE-2022-1384 | Mattermost | Mattermost | 8.8 | HIGH | Authorized users are allowed to install old plugin versions from the Marketplace |
| CVE-2021-37859 | Mattermost | Mattermost | 7.1 | HIGH | Reflected XSS in OAuth Flow |
| CVE-2020-13891 | Mattermost | Mattermost | 7.5 | HIGH | Authorization Token Exposure in Mattermost Mobile Apps on iOS |
| CVE-2015-9548 | Mattermost | Mattermost Server | 7.5 | HIGH | Memory Consumption Vulnerability in Mattermost Server |
| CVE-2016-11074 | Mattermost | Mattermost Server | 9.8 | CRITICAL | Password Reset Link Vulnerability in Mattermost Server |
| CVE-2016-11069 | Mattermost | Mattermost Server | 7.5 | HIGH | Password Change Vulnerability in Mattermost Server by Mattermost |
| CVE-2016-11066 | Mattermost | Mattermost Server | 7.5 | HIGH | Information Disclosure in Mattermost Server by Mattermost |