Vulnerabilities > CVE-2017-18920 - Unspecified vulnerability in Mattermost Server

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

NVD

Published: 2020-06-19

Updated: 2020-06-19

Summary

An issue was discovered in Mattermost Server before 3.6.2. The WebSocket feature does not follow the Same Origin Policy.

Part	Description	Count
Application	Mattermost Mattermost Mattermost Server 0.5.0 Mattermost Mattermost Server 0.6.0 Mattermost Mattermost Server 1.0.0 Mattermost Mattermost Server 1.1.0 Mattermost Mattermost Server 1.1.1 Mattermost Mattermost Server 1.2.1 Mattermost Mattermost Server 1.3.0 Mattermost Mattermost Server 1.4.0 Mattermost Mattermost Server 2.0.0 Mattermost Mattermost Server 2.1.0 Mattermost Mattermost Server 2.2.0 Mattermost Mattermost Server 3.0.0 Mattermost Mattermost Server 3.0.1 Mattermost Mattermost Server 3.0.2 Mattermost Mattermost Server 3.0.3 Mattermost Mattermost Server 3.1.0 Mattermost Mattermost Server 3.2.0 Mattermost Mattermost Server 3.3.0 Mattermost Mattermost Server 3.4.0 Mattermost Mattermost Server 3.5.0 Mattermost Mattermost Server 3.5.1 Mattermost Mattermost Server 3.5.2 Mattermost Mattermost Server 3.5.3 Mattermost Mattermost Server 3.6.0 Mattermost Mattermost Server 3.6.1	25