2 matches found
CVE-2017-18893
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. Display names allow XSS...
CVE-2017-18893
Mattermost Server contains an XSS vulnerability in the display name field, affecting versions prior to 4.2.0 (and 4.1.1/4.0.5 as referenced). The underlying issue is that display names can be crafted to execute client-side scripts, enabling potential impact to users who view or interact with the ...