2 matches found
CVE-2017-18890
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows an attacker to create a button that, when pressed by a user, launches an API request...
CVE-2017-18890
CVE-2017-18890 affects Mattermost Server prior to 4.3.0, 4.2.1, and 4.1.2. An attacker can craft a UI button that, when pressed by a user, triggers an API request. The vulnerability description across Red Hat/SUSE/SUSCVE and OSV confirms the same behavior and impact. Remediation guidance in sourc...