Vulnerabilities > Mattermost

DATE CVE VULNERABILITY TITLE RISK
2020-06-19 CVE-2017-18902 Information Exposure vulnerability in Mattermost Server
An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3.
network
low complexity
mattermost CWE-200
5.3
2020-06-19 CVE-2017-18901 Information Exposure vulnerability in Mattermost Server
An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3.
network
low complexity
mattermost CWE-200
5.3
2020-06-19 CVE-2017-18900 Injection vulnerability in Mattermost Server
An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3.
network
low complexity
mattermost CWE-74
critical
9.8
2020-06-19 CVE-2017-18899 Allocation of Resources Without Limits or Throttling vulnerability in Mattermost Server
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5.
network
low complexity
mattermost CWE-770
5.3
2020-06-19 CVE-2017-18898 Improper Resource Shutdown or Release vulnerability in Mattermost Server
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5.
network
low complexity
mattermost CWE-404
5.3
2020-06-19 CVE-2017-18897 Open Redirect vulnerability in Mattermost Server
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider.
network
low complexity
mattermost CWE-601
6.1
2020-06-19 CVE-2017-18896 Incorrect Permission Assignment for Critical Resource vulnerability in Mattermost Server
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5.
network
low complexity
mattermost CWE-732
5.3
2020-06-19 CVE-2017-18895 Information Exposure vulnerability in Mattermost Server
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5.
network
low complexity
mattermost CWE-200
5.3
2020-06-19 CVE-2017-18894 Incorrect Permission Assignment for Critical Resource vulnerability in Mattermost Server
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider.
network
low complexity
mattermost CWE-732
8.1
2020-06-19 CVE-2017-18893 Cross-site Scripting vulnerability in Mattermost Server
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5.
network
low complexity
mattermost CWE-79
6.1