Lucene search
+L

5 matches found

Chainguard
Chainguard
added 2025/05/01 7:14 a.m.26 views

CVE-2023-47168 vulnerabilities

Vulnerabilities for packages: mattermost-fips...

6.1CVSS7.1AI score0.00403EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2023/11/27 9:12 a.m.10 views

CVE-2023-47168 Open redirect in /oauth/<service>/mobile_login?redirect_to=

Mattermost fails to properly check a redirect URL parameter allowing for an open redirect was possible when the user clicked "Back to Mattermost" after providing a invalid custom url scheme in /oauth/service/mobilelogin?redirectto=...

4.3CVSS6.6AI score0.00403EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/11/27 9:12 a.m.24 views

CVE-2023-47168 Open redirect in /oauth/<service>/mobile_login?redirect_to=

Mattermost fails to properly check a redirect URL parameter allowing for an open redirect was possible when the user clicked "Back to Mattermost" after providing a invalid custom url scheme in /oauth/service/mobilelogin?redirectto=...

4.3CVSS6.5AI score0.00403EPSS
Exploits0References1
CVE
CVE
added 2023/11/27 9:12 a.m.194 views

CVE-2023-47168

Mattermost is affected by CVE-2023-47168 due to an open redirect vulnerability in the redirect_to parameter of the OAuth mobile login flow (/oauth/{service}/mobile_login?redirect_to=). The root cause is improper validation of the allowed redirect URL, which can let an attacker redirect users to a...

6.1CVSS5.2AI score0.00403EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/11/10 12:0 a.m.35 views

Mattermost Server < 7.8.13 / 8.x < 8.1.4 / 9.0.x < 9.0.2 / 9.1.0 Multiple Vulnerabilities

The version of Mattermost Server running on the remote host is prior to 7.8.13, 8.x prior to 8.1.4, 9.0.x prior to 9.0.2 or 9.1.x prior to 9.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the MMSA-2023-00218, MMSA-2023-00219, MMSA-2023-00233, MMSA-2023-00241,...

7.5CVSS6.1AI score0.00723EPSS
Exploits0References7
Rows per page
Query Builder