Lucene search
K

9 matches found

EUVD
EUVD
added yesterday5 views

EUVD-2026-43312

Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to verify that the channel referenced in an action cookie matches the channel of the target post, which allows an authenticated user without access to a private channel to trigger interactive post actions on posts in th...

6.5CVSS6.1AI score0.00174EPSS
Exploits0References2
NVD
NVD
added yesterday3 views

CVE-2026-10106

Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to verify that the channel referenced in an action cookie matches the channel of the target post, which allows an authenticated user without access to a private channel to trigger interactive post actions on posts in th...

6.5CVSS0.00174EPSS
Exploits0References1
CVE
CVE
added yesterday9 views

CVE-2026-10106

Mattermost vulnerable versions: 11.7.x ≤ 11.7.2, 11.6.x ≤ 11.6.4, and 10.11.x ≤ 10.11.19. The issue stems from failing to verify that the channel referenced in an action cookie matches the target post’s channel, enabling an authenticated user without access to a private channel to trigger interac...

6.5CVSS6.1AI score0.00174EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added yesterday16 views

CVE-2026-10106 Unauthorized users can trigger interactive post actions in private channels via action cookie channel mismatch in Mattermost

Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to verify that the channel referenced in an action cookie matches the channel of the target post, which allows an authenticated user without access to a private channel to trigger interactive post actions on posts in th...

6.5CVSS0.00174EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.11 views

CVE-2026-48832

action/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability...

3.5CVSS5.8AI score0.00186EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/25 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-48832

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - action/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability. CVE-2026-48832 Note that Nessus relies on the presence of the...

3.5CVSS5.8AI score0.00186EPSS
Exploits0References3
NVD
NVD
added 2026/05/24 11:16 p.m.13 views

CVE-2026-48832

action/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability...

3.5CVSS0.00186EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/24 11:16 p.m.10 views

CVE-2026-48832

action/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability...

3.5CVSS5.8AI score0.00186EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/24 12:0 a.m.13 views

SPIP 输入验证错误漏洞

SPIP is an open-source software developed by SPIP for creating Internet websites. Versions of SPIP prior to 4.4.15 had a vulnerability related to input validation errors, which stemmed from an open-redirecting vulnerability in the action/cookie.php file within ecrire...

3.5CVSS5.8AI score0.00186EPSS
Exploits0References4
Rows per page
Query Builder