2 matches found
CVE-2017-18872
An issue was discovered in Mattermost Server before 4.4.3 and 4.3.3. Attackers could reconfigure an OAuth app in some cases where Mattermost is an OAuth 2.0 service provider...
CVE-2017-18872
Mattermost Server, prior to version 4.4.3 and 4.3.3, is affected. In these releases, when Mattermost operates as an OAuth 2.0 service provider, an issue could allow attackers to reconfigure an OAuth app in some scenarios. The vulnerability centers on the OAuth app configuration within mattermost-...