4 matches found
Mattermost Server < 7.8.12 / 8.0.x < 8.0.4 / 8.1.x < 8.1.3 / 9.0.0 Multiple Vulnerabilities (MMSA-2023-00240) (MMSA-2023-00242) (MMSA-2023-00246)
The version of Mattermost Server running on the remote host is prior to 7.8.12, 8.0.x prior to 8.0.3, 8.1.x prior to 8.1.3 or 9.0.0. It is, therefore, affected by multiple vulnerabilities: - Mattermost fails to properly validate requests to the Calls plugin, allowing an attacker sending a request...
CVE-2023-5968
Mattermost fails to properly sanitize the user object when updating the username, resulting in the password hash being included in the response body...
CVE-2023-5968 Password hash in response body after username update
Mattermost fails to properly sanitize the user object when updating the username, resulting in the password hash being included in the response body...
CVE-2023-5968
Mattermost: CVE-2023-5968 is a vulnerability where the server fails to properly sanitize the user object during username updates, causing the password hash to be included in the response body. Affected data exposure is limited to the password hash disclosure in responses per the available documen...