2 matches found
CVE-2018-21261
An issue was discovered in Mattermost Server before 4.8.1, 4.7.4, and 4.6.3. An e-mail invite accidentally included the team inviteid, which leads to unintended excessive invitation privileges...
CVE-2018-21261
CVE-2018-21261 (Mattermost Server) affects versions prior to 4.8.1, 4.7.4, and 4.6.3. An email invite could include the team invite_id, leading to unintended excessive invitation privileges. Root cause: leakage of invite_id via invites; impact: users may gain expanded invitation privileges. No ex...