Vulnerabilities > Mattermost > Mattermost Server > 8.1.3

DATE CVE VULNERABILITY TITLE RISK
2023-12-06 CVE-2023-6458 Injection vulnerability in Mattermost Server
Mattermost webapp fails to validate route parameters in/<TEAM_NAME>/channels/<CHANNEL_NAME> allowing an attacker to perform a client-side path traversal.
network
low complexity
mattermost CWE-74
critical
9.8
2023-12-06 CVE-2023-6459 Unspecified vulnerability in Mattermost Server
Mattermost is grouping calls in the /metrics endpoint by id and reports that id in the response.
network
low complexity
mattermost
5.3