Filtered by vendor Mattermost
Subscribe
Total
258 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-39830 | 1 Mattermost | 1 Mattermost | 2024-07-05 | N/A | 5.9 MEDIUM |
Mattermost versions 9.8.x <= 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2 and 9.5.x <= 9.5.5, when shared channels are enabled, fail to use constant time comparison for remote cluster tokens which allows an attacker to retrieve the remote cluster token via a timing attack during remote cluster token comparison. | |||||
CVE-2024-6428 | 1 Mattermost | 1 Mattermost | 2024-07-05 | N/A | 6.5 MEDIUM |
Mattermost versions 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2, 9.5.x <= 9.5.5 fail to prevent specifying a RemoteId when creating a new user which allows an attacker to specify both a remoteId and the user ID, resulting in creating a user with a user-defined user ID. This can cause some broken functionality in User Management such administrative actions against the user not working. | |||||
CVE-2024-39807 | 1 Mattermost | 1 Mattermost | 2024-07-05 | N/A | 5.3 MEDIUM |
Mattermost versions 9.5.x <= 9.5.5 and 9.8.0 fail to properly sanitize the recipients of a webhook event which allows an attacker monitoring webhook events to retrieve the channel IDs of archived or restored channels. | |||||
CVE-2024-39361 | 1 Mattermost | 1 Mattermost | 2024-07-05 | N/A | 5.4 MEDIUM |
Mattermost versions 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2 and 9.5.x <= 9.5.5 fail to prevent users from specifying a RemoteId for their posts which allows an attacker to specify both a remoteId and the post ID, resulting in creating a post with a user-defined post ID. This can cause some broken functionality in the channel or thread with user-defined posts | |||||
CVE-2024-39353 | 1 Mattermost | 1 Mattermost | 2024-07-05 | N/A | 2.7 LOW |
Mattermost versions 9.5.x <= 9.5.5 and 9.8.0 fail to sanitize the RemoteClusterFrame payloads before audit logging them which allows a high privileged attacker with access to the audit logs to read message contents. | |||||
CVE-2024-36257 | 1 Mattermost | 1 Mattermost | 2024-07-05 | N/A | 5.3 MEDIUM |
Mattermost versions 9.5.x <= 9.5.5 and 9.8.0, when using shared channels with multiple remote servers connected, fail to check that the remote server A requesting the server B to update the profile picture of a user is the remote that actually has the user as a local one . This allows a malicious remote A to change the profile images of users that belong to another remote server C that is connected to the server A. | |||||
CVE-2024-1402 | 1 Mattermost | 1 Mattermost Server | 2024-05-30 | N/A | 4.3 MEDIUM |
Mattermost fails to check if a custom emoji reaction exists when sending it to a post and to limit the amount of custom emojis allowed to be added in a post, allowing an attacker sending a huge amount of non-existent custom emojis in a post to crash the mobile app of a user seeing the post and to crash the server due to overloading when clients attempt to retrive the aforementioned post. | |||||
CVE-2024-23319 | 1 Mattermost | 1 Mattermost Server | 2024-02-15 | N/A | 3.5 LOW |
Mattermost Jira Plugin fails to protect against logout CSRF allowing an attacker to post a specially crafted message that would disconnect a user's Jira connection in Mattermost only by viewing the message. | |||||
CVE-2024-24774 | 1 Mattermost | 1 Mattermost Server | 2024-02-15 | N/A | 4.1 MEDIUM |
Mattermost Jira Plugin handling subscriptions fails to check the security level of an incoming issue or limit it based on the user who created the subscription resulting in registered users on Jira being able to create webhooks that give them access to all Jira issues. | |||||
CVE-2024-24776 | 1 Mattermost | 1 Mattermost Server | 2024-02-15 | N/A | 4.3 MEDIUM |
Mattermost fails to check the required permissions in the POST /api/v4/channels/stats/member_count API resulting in channel member counts being leaked to a user without permissions. | |||||
CVE-2023-40703 | 1 Mattermost | 1 Mattermost | 2024-02-05 | N/A | 7.5 HIGH |
Mattermost fails to properly limit the characters allowed in different fields of a block in Mattermost Boards allowing a attacker to consume excessive resources, possibly leading to Denial of Service, by patching the field of a block using a specially crafted string. | |||||
CVE-2023-46701 | 1 Mattermost | 1 Mattermost Server | 2024-02-05 | N/A | 5.3 MEDIUM |
Mattermost fails to perform authorization checks in the /plugins/playbooks/api/v0/runs/add-to-timeline-dialog endpoint of the Playbooks plugin allowing an attacker to get limited information about a post if they know the post ID | |||||
CVE-2023-47168 | 1 Mattermost | 1 Mattermost | 2024-02-05 | N/A | 6.1 MEDIUM |
Mattermost fails to properly check a redirect URL parameter allowing for an open redirect was possible when the user clicked "Back to Mattermost" after providing a invalid custom url scheme in /oauth/{service}/mobile_login?redirect_to= | |||||
CVE-2023-48369 | 1 Mattermost | 1 Mattermost | 2024-02-05 | N/A | 5.3 MEDIUM |
Mattermost fails to limit the log size of server logs allowing an attacker sending specially crafted requests to different endpoints to potentially overflow the log. | |||||
CVE-2023-6547 | 1 Mattermost | 1 Mattermost Server | 2024-02-05 | N/A | 5.4 MEDIUM |
Mattermost fails to validate team membership when a user attempts to access a playbook, allowing a user with permissions to a playbook but no permissions to the team the playbook is on to access and modify the playbook. This can happen if the user was once a member of the team, got permissions to the playbook and was then removed from the team. | |||||
CVE-2023-7113 | 1 Mattermost | 1 Mattermost Server | 2024-02-05 | N/A | 6.1 MEDIUM |
Mattermost version 8.1.6 and earlier fails to sanitize channel mention data in posts, which allows an attacker to inject markup in the web client. | |||||
CVE-2023-49809 | 1 Mattermost | 1 Mattermost Server | 2024-02-05 | N/A | 6.5 MEDIUM |
Mattermost fails to handle a null request body in the /add endpoint, allowing a simple member to send a request with null request body to that endpoint and make it crash. After a few repetitions, the plugin is disabled. | |||||
CVE-2023-45223 | 1 Mattermost | 1 Mattermost | 2024-02-05 | N/A | 4.3 MEDIUM |
Mattermost fails to properly validate the "Show Full Name" option in a few endpoints in Mattermost Boards, allowing a member to get the full name of another user even if the Show Full Name option was disabled. | |||||
CVE-2023-49874 | 1 Mattermost | 1 Mattermost Server | 2024-02-05 | N/A | 4.3 MEDIUM |
Mattermost fails to check whether a user is a guest when updating the tasks of a private playbook run allowing a guest to update the tasks of a private playbook run if they know the run ID. | |||||
CVE-2023-6458 | 1 Mattermost | 1 Mattermost Server | 2024-02-05 | N/A | 9.8 CRITICAL |
Mattermost webapp fails to validate route parameters in/<TEAM_NAME>/channels/<CHANNEL_NAME> allowing an attacker to perform a client-side path traversal. |