Vulnerabilities > Mattermost > Mattermost Server > 4.1.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-19 | CVE-2017-18883 | Insufficient Entropy vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2, when serving as an OAuth 2.0 Service Provider. | 6.4 |
| 2020-06-19 | CVE-2017-18882 | Cross-site Scripting vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. | 4.3 |
| 2020-06-19 | CVE-2017-18881 | Cross-site Scripting vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. | 4.3 |
| 2020-06-19 | CVE-2017-18880 | Cross-site Scripting vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. | 4.3 |
| 2020-06-19 | CVE-2017-18879 | Cross-site Scripting vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. | 4.3 |
| 2020-06-19 | CVE-2017-18878 | Incorrect Permission Assignment for Critical Resource vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. | 4.0 |
| 2020-06-19 | CVE-2017-18874 | Path Traversal vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2 when local storage for files is used. | 5.5 |
| 2020-06-19 | CVE-2018-21264 | Improper Input Validation vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.7.0, 4.6.2, and 4.5.2. | 6.5 |
| 2020-06-19 | CVE-2018-21256 | Incorrect Permission Assignment for Critical Resource vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 5.1. | 4.0 |
| 2020-06-19 | CVE-2018-21252 | Incorrect Permission Assignment for Critical Resource vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 5.2, 5.1.1, 5.0.3, and 4.10.3. | 4.0 |