Vulnerabilities > Mattermost
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-19 | CVE-2017-18909 | Improper Certificate Validation vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 3.9.0 when SAML is used. | 4.3 |
| 2020-06-19 | CVE-2017-18904 | Cross-site Scripting vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. | 4.3 |
| 2020-06-19 | CVE-2017-18903 | Cross-Site Request Forgery (CSRF) vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. | 5.1 |
| 2020-06-19 | CVE-2017-18902 | Information Exposure vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. | 5.0 |
| 2020-06-19 | CVE-2017-18901 | Information Exposure vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. | 5.0 |
| 2020-06-19 | CVE-2017-18900 | Injection vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. | 7.5 |
| 2020-06-19 | CVE-2017-18899 | Allocation of Resources Without Limits or Throttling vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. | 5.0 |
| 2020-06-19 | CVE-2017-18898 | Improper Resource Shutdown or Release vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. | 5.0 |
| 2020-06-19 | CVE-2017-18897 | Open Redirect vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider. | 5.8 |
| 2020-06-19 | CVE-2017-18896 | Incorrect Permission Assignment for Critical Resource vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. | 5.0 |