2 matches found
CVE-2021-37862
Mattermost 6.0 and earlier fails to sufficiently validate the email address during registration, which allows attackers to trick users into signing up using attacker-controlled email addresses via crafted invitation token...
CVE-2021-37862
Mattermost 6.0 and earlier are affected by an input-validation vulnerability in the registration flow: email addresses are not sufficiently validated, enabling an attacker to induce users to register with attacker-controlled emails via a crafted invitation token. Affected component: registration/...