13 matches found
CVE-2026-6334
Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to enforce client identity binding during the OAuth authorization code redemption flow which allows an authenticated OAuth client to redeem authorization codes issued to a different client via a crafted token exchange request.. Mattermo...
Authentication Bypass by Primary Weakness
Overview github.com/mattermost/mattermost/server/channels/app is a private-cloud Slack alternative Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness in the OAuth authorization code redemption process. An attacker can gain unauthorized access to resource...
GHSA-JP3F-X449-4Q75 Mattermost doesn't enforce client identity binding during the OAuth authorization code redemption flow
Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to enforce client identity binding during the OAuth authorization code redemption flow which allows an authenticated OAuth client to redeem authorization codes issued to a different client via a crafted token exchange request.. Mattermo...
CVE-2026-6334
Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to enforce client identity binding during the OAuth authorization code redemption flow which allows an authenticated OAuth client to redeem authorization codes issued to a different client via a crafted token exchange request.. Mattermo...
EUVD-2026-30743
Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to enforce client identity binding during the OAuth authorization code redemption flow which allows an authenticated OAuth client to redeem authorization codes issued to a different client via a crafted token exchange request.. Mattermo...
CVE-2026-6334
Mattermost versions 11.5.x <= 11.5.1 and 10.11.x
PT-2026-41644
Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to enforce client identity binding during the OAuth authorization code redemption flow which allows an authenticated OAuth client to redeem authorization codes issued to a different client via a crafted token exchange request.. Mattermo...
EUVD-2025-37173
Malicious code in epic-code-redemption npm...
Malicious code in epic-code-redemption (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3c2dca396c58a7835f926d93ff92bf48e87977c82dfe773546e2f7e3d11a7e9 The package epic-code-redemption was found to contain malicious code...
MAL-2025-49120 Malicious code in epic-code-redemption (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3c2dca396c58a7835f926d93ff92bf48e87977c82dfe773546e2f7e3d11a7e9 The package epic-code-redemption was found to contain malicious code...
EUVD-2020-23316
Malware in sbrugna...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Uncanny Groups for LearnDash before v3.7 allow authenticated remote attackers to inject arbitrary JavaScript or HTML via the ulgmcoderedeem POST Parameter in user-code-redemption.php, the ulgmuserfirst POST Parameter in...
Udemy: Able to view others' gifts on /gift/share URL, giftId is predictable, and easy to manipulate
I recently purchased a gift for a friend, and noticed the share URL gift ID was simply numeric. I managed to access other people's gifts simply by incrementing and decrementing the ID by 2, I was able to verify that the price was dropped to "Free", regardless of if I was logged in or not, and I w...