Search Results | AttackerKB

4 Total Results

Displaying 1-4 of 4

Attacker Value

Unknown

CVE-2019-20843

Disclosure Date: June 19, 2020 (last updated February 21, 2025)

An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There are weak permissions for configuration files.

Attacker Value

Unknown

CVE-2019-20844

Disclosure Date: June 19, 2020 (last updated February 21, 2025)

An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. An attacker can spoof a direct-message channel by changing the type of a channel.

Attack Vector: Network Privileges: None User Interaction: Required

Attacker Value

Unknown

CVE-2019-20841

Disclosure Date: June 19, 2020 (last updated February 21, 2025)

An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. CSRF can sometimes occur via a crafted web site for account takeover attacks.

Attack Vector: Network Privileges: None User Interaction: Required

Attacker Value

Unknown

CVE-2019-20842

Disclosure Date: June 19, 2020 (last updated February 21, 2025)

An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There is SQL injection by admins via SearchAllChannels.

Attack Vector: Network Privileges: High User Interaction: None

4 Total Results

Displaying 1-4 of 4

Unknown

CVE-2019-20843

Unknown

CVE-2019-20844

Unknown

CVE-2019-20841

Unknown

CVE-2019-20842

Quick Cookie Notification