CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

NVD•added 2023/12/29 1:15 p.m.•6 views

CVE-2023-7114

Mattermost version 2.10.0 and earlier fails to sanitize deeplink paths, which allows an attacker to perform CSRF attacks against the server...

8.8CVSS0.00286EPSS

Exploits0References1

OSV•added 2023/12/29 1:15 p.m.•1 views

CVE-2023-7114

Mattermost version 2.10.0 and earlier fails to sanitize deeplink paths, which allows an attacker to perform CSRF attacks against the server...

8.8CVSS5.8AI score0.00286EPSS

Exploits0References1

Prion•added 2023/12/29 1:15 p.m.•12 views

Cross site request forgery (csrf)

Mattermost version 2.10.0 and earlier fails to sanitize deeplink paths, which allows an attacker to perform CSRF attacks against the server...

6.8CVSS7.2AI score0.00286EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/12/29 12:46 p.m.•9 views

CVE-2023-7114

Mattermost version 2.10.0 and earlier fails to sanitize deeplink paths, which allows an attacker to perform CSRF attacks against the server...

7.1CVSS8.9AI score0.00286EPSS

Exploits0References1

Positive Technologies•added 2023/12/29 12:0 a.m.•3 views

PT-2023-32883 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 2.10.0 and earlier Description: The issue allows an attacker to perform CSRF attacks against the server due to the failure to sanitize deeplink paths. Recommendations: For Mattermost versions 2.10.0 and earlier, update to ...

8.8CVSS8.6AI score0.00286EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by