3 matches found
CVE-2017-18870
An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, and 4.3.4. It mishandled webhook access control in the EnableOnlyAdminIntegrations case...
GO-2025-4183 CVE-2017-18870 in github.com/mattermost/mattermost-server
CVE-2017-18870 in github.com/mattermost/mattermost-server...
CVE-2017-18870
Mattermost Server before 4.5.0, 4.4.5, and 4.3.4 has a flaw in webhook access control under EnableOnlyAdminIntegrations. Root cause: mishandled webhook access control. Impact: as described in CNVD-2020-35445, an attacker could spoof requests to edit other users’ webhooks. No specific exploit deta...