Lucene search
K

4 matches found

Snyk
Snyk
added 2026/03/26 6:35 p.m.5 views

Improper Neutralization

Overview Affected versions of this package are vulnerable to Improper Neutralization via the mmctl component. An attacker can execute arbitrary terminal escape sequences by sending specially crafted messages, potentially leading to manipulation of administrator terminals, including screen...

8.8CVSS6AI score0.00268EPSS
Exploits0References2
OSV
OSV
added 2026/03/26 6:31 p.m.9 views

GHSA-3439-VQGJ-2GCF Mattermost allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences

Mattermost versions 11.2.x = 11.2.2, 10.11.x = 10.11.10, 11.4.x = 11.4.0, 11.3.x = 11.3.1 fail to sanitize user-controlled post content in the mmctl commands terminal output which allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences...

8CVSS5.9AI score0.00268EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/26 4:16 p.m.2 views

CVE-2026-3108

Mattermost versions 11.2.x = 11.2.2, 10.11.x = 10.11.10, 11.4.x = 11.4.0, 11.3.x = 11.3.1 fail to sanitize user-controlled post content in the mmctl commands terminal output which allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences...

8CVSS5.8AI score0.00268EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.6 views

PT-2026-28419

Name of the Vulnerable Software and Affected Versions Mattermost versions 10.11.x through 10.11.10 Mattermost versions 11.2.x through 11.2.2 Mattermost versions 11.3.x through 11.3.1 Mattermost versions 11.4.x through 11.4.0 Description The software does not properly sanitize user-controlled post...

8.8CVSS5.9AI score0.00268EPSS
Exploits0References8
Rows per page
Query Builder