3 matches found
EUVD-2025-34742
Mattermost has a Missing Authorization vulnerability...
Mattermost 安全漏洞
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability in Mattermost 10.10.2 and prior versions 10.10.x, 10.5.10 and prior versions 10.5.x, and 10.11.2 and prior versions 10.11.x, which stems from the failure to validate email...
CS Money: Отправка писем с произвольным текстом/кликабельными ссылками любому зарегистрированному пользователю с указанной почтой, зная только steamid
Using a third-party service GetResponse used on the project and the 2FA deactivation functionality combined, a hacker found a way to send arbitrary text to any user, knowing only the victim's SteamID. The vulnerability relied on: 1. Invalid cookie management in request; 1. No additional validatio...