7 matches found
CVE-2017-18902
An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows attackers to discover team invite IDs via team API endpoints...
SUSE CVE-2017-18902
An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows attackers to discover team invite IDs via team API endpoints...
CVE-2025-3913
Mattermost versions 10.7.x = 10.7.0, 10.6.x = 10.6.2, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fail to properly validate permissions when changing team privacy settings, allowing team administrators without the 'invite user' permission to access and modify team invite IDs via the...
GHSA-JWFV-5HWQ-F97R Mattermost Server exposes team invite IDs through API endpoints
An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows attackers to discover team invite IDs via team API endpoints...
Mattermost Server exposes team invite IDs through API endpoints
An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows attackers to discover team invite IDs via team API endpoints...
CVE-2017-18902
An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows attackers to discover team invite IDs via team API endpoints...
Code injection
An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows attackers to discover team invite IDs via team API endpoints...