Code injection

2020-06-1916:15:00

PRIOn knowledge base

www.prio-n.com

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.9%

JSON

An issue was discovered in Mattermost Server before 5.10.0, 5.9.1, 5.8.2, and 4.10.9. A non-member could change the Update/Patch Channel endpoint for a private channel.

CPENameOperatorVersion
mattermost_serverge5.7.0
mattermost_serverlt5.7.3
mattermost_serverlt4.10.9
mattermost_serverge5.8.0
mattermost_serverlt5.8.2
mattermost_serverge5.9.0
mattermost_serverlt5.9.1
mattermost_servereq5.10.0 rc1
mattermost_servereq5.10.0 rc2
mattermost_servereq5.10.0 rc3

Name	Operator	Version
mattermost_server	ge	5.7.0
mattermost_server	lt	5.7.3
mattermost_server	lt	4.10.9
mattermost_server	ge	5.8.0
mattermost_server	lt	5.8.2
mattermost_server	ge	5.9.0
mattermost_server	lt	5.9.1
mattermost_server	eq	5.10.0 rc1
mattermost_server	eq	5.10.0 rc2
mattermost_server	eq	5.10.0 rc3

Rows per page:

1-10 of 131

References

mattermost.com/security-updates/