5 matches found
Mattermost Server 9.5.x < 9.5.8 / 9.8.x < 9.8.3 / 9.9.x < 9.9.2 / 9.10.x < 9.10.1 Multiple Vulnerabilities (MMSA-2024-00353/MMSA-2024-00357)
The version of Mattermost Server installed on the remote host is prior to 9.10.1, 9.5.8, 9.8.3, or 9.9.2. It is, therefore, affected by multiple vulnerabilities as referenced in the MMSA-2024-00353 and MMSA-2024-00357 advisories. - Mattermost versions 9.9.x = 9.9.1, 9.5.x = 9.5.7, 9.10.x = 9.10.0...
CVE-2024-43780
A flaw was found in the mattermost package where it fails to properly enforce permissions. This issue allows a guest user with read access to upload files to channels...
CVE-2024-43780
Mattermost Server vulnerability CVE-2024-43780 affects versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x, and 9.8.x
CVE-2024-43780 Unauthorized channel file upload
Mattermost versions 9.9.x = 9.9.1, 9.5.x = 9.5.7, 9.10.0, 9.8.x = 9.8.2 fail to enforce permissions which allows a guest user with read access to upload files to a channel...
CVE-2024-43780 Unauthorized channel file upload
Mattermost versions 9.9.x = 9.9.1, 9.5.x = 9.5.7, 9.10.0, 9.8.x = 9.8.2 fail to enforce permissions which allows a guest user with read access to upload files to a channel...