9 matches found
EUVD-2026-43312
Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to verify that the channel referenced in an action cookie matches the channel of the target post, which allows an authenticated user without access to a private channel to trigger interactive post actions on posts in th...
CVE-2026-10106
Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to verify that the channel referenced in an action cookie matches the channel of the target post, which allows an authenticated user without access to a private channel to trigger interactive post actions on posts in th...
CVE-2026-10106
Mattermost vulnerable versions: 11.7.x ≤ 11.7.2, 11.6.x ≤ 11.6.4, and 10.11.x ≤ 10.11.19. The issue stems from failing to verify that the channel referenced in an action cookie matches the target post’s channel, enabling an authenticated user without access to a private channel to trigger interac...
CVE-2026-10106 Unauthorized users can trigger interactive post actions in private channels via action cookie channel mismatch in Mattermost
Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to verify that the channel referenced in an action cookie matches the channel of the target post, which allows an authenticated user without access to a private channel to trigger interactive post actions on posts in th...
CVE-2026-48832
action/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability...
Linux Distros Unpatched Vulnerability : CVE-2026-48832
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - action/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability. CVE-2026-48832 Note that Nessus relies on the presence of the...
CVE-2026-48832
action/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability...
CVE-2026-48832
action/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability...
SPIP 输入验证错误漏洞
SPIP is an open-source software developed by SPIP for creating Internet websites. Versions of SPIP prior to 4.4.15 had a vulnerability related to input validation errors, which stemmed from an open-redirecting vulnerability in the action/cookie.php file within ecrire...