Vulnerabilities > Mattermost > Mattermost Server > 7.8.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-17 | CVE-2023-3591 | Improper Authentication vulnerability in Mattermost Server Mattermost fails to invalidate previously generated password reset tokens when a new reset token was created. | 8.2 |
| 2023-07-17 | CVE-2023-3593 | Unspecified vulnerability in Mattermost Server Mattermost fails to properly validate markdown, allowing an attacker to crash the server via a specially crafted markdown input. | 6.5 |
| 2023-07-17 | CVE-2023-3614 | Resource Exhaustion vulnerability in Mattermost Server Mattermost fails to properly validate a gif image file, allowing an attacker to consume a significant amount of server resources, making the server unresponsive for an extended period of time by linking to specially crafted image file. | 3.3 |
| 2023-04-25 | CVE-2023-2281 | Unspecified vulnerability in Mattermost Server When archiving a team, Mattermost fails to sanitize the related Websocket event sent to currently connected clients. | 4.3 |