Design/Logic Flaw

2020-06-1916:15:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.4%

JSON

An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows attackers to obtain sensitive information during user activation/deactivation.

CPENameOperatorVersion
mattermost_servereq5.9.0 rc2
mattermost_servereq5.9.0 rc3
mattermost_servereq5.9.0 rc4
mattermost_servereq5.9.0 rc1
mattermost_serverge5.8.0
mattermost_serverlt5.8.1
mattermost_serverge5.7.0
mattermost_serverlt5.7.3
mattermost_serverlt4.10.8

Name	Operator	Version
mattermost_server	eq	5.9.0 rc2
mattermost_server	eq	5.9.0 rc3
mattermost_server	eq	5.9.0 rc4
mattermost_server	eq	5.9.0 rc1
mattermost_server	ge	5.8.0
mattermost_server	lt	5.8.1
mattermost_server	ge	5.7.0
mattermost_server	lt	5.7.3
mattermost_server	lt	4.10.8

References

mattermost.com/security-updates/