Show filters
229 Total Results
Displaying 91-100 of 229
Sort by:
Attacker Value
Unknown

CVE-2016-11079

Disclosure Date: June 19, 2020 (last updated February 21, 2025)
An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a redirect URL.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2015-9548

Disclosure Date: June 19, 2020 (last updated February 21, 2025)
An issue was discovered in Mattermost Server before 1.2.0. It allows attackers to cause a denial of service (memory consumption) via a small compressed file that has a large size when uncompressed.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2016-11069

Disclosure Date: June 19, 2020 (last updated February 21, 2025)
An issue was discovered in Mattermost Server before 3.2.0. It mishandles brute-force attempts at password change.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2016-11070

Disclosure Date: June 19, 2020 (last updated February 21, 2025)
An issue was discovered in Mattermost Server before 3.1.0. It allows XSS via theme color-code values.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2016-11080

Disclosure Date: June 19, 2020 (last updated February 21, 2025)
An issue was discovered in Mattermost Server before 3.0.0. It offers superfluous APIs for a Team Administrator to view account details.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2017-18906

Disclosure Date: June 19, 2020 (last updated February 21, 2025)
An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2, when Single Sign-On OAuth2 is used. An attacker could claim somebody else's account.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2017-18915

Disclosure Date: June 19, 2020 (last updated February 21, 2025)
An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. After a restart of a server, an attacker might suddenly gain API Endpoint access.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2017-18918

Disclosure Date: June 19, 2020 (last updated February 21, 2025)
An issue was discovered in Mattermost Server before 3.7.3 and 3.6.5. A System Administrator can place a SAML certificate at an arbitrary pathname.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2016-11083

Disclosure Date: June 19, 2020 (last updated February 21, 2025)
An issue was discovered in Mattermost Server before 2.2.0. It allows XSS because it configures files to be opened in a browser window.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2017-18907

Disclosure Date: June 19, 2020 (last updated February 21, 2025)
An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. XSS could occur via a channel header.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
View More Topics  < Previous  Next >