Design/Logic Flaw

2020-06-1918:15:00

PRIOn knowledge base

www.prio-n.com

4.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.7%

JSON

An issue was discovered in Mattermost Server before 4.4.3 and 4.3.3. Attackers could reconfigure an OAuth app in some cases where Mattermost is an OAuth 2.0 service provider.

CPENameOperatorVersion
mattermost_serverlt4.3.3
mattermost_serverge4.4.0
mattermost_serverlt4.4.3

Name	Operator	Version
mattermost_server	lt	4.3.3
mattermost_server	ge	4.4.0
mattermost_server	lt	4.4.3

References

mattermost.com/security-updates/