2 matches found
CVE-2026-28732
Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13, 11.4.x = 11.4.3 Fail to enforce slash command trigger-word uniqueness during command updates which allows an authenticated team member with Manage Own Slash Commands permission to hijack and impersonate existing system or custom slash...
CVE-2012-4893
Multiple cross-site request forgery CSRF vulnerabilities in file/show.cgi in Webmin 1.590 and earlier allow remote attackers to hijack the authentication of privileged users for requests that 1 read files or execute 2 tar, 3 zip, or 4 gzip commands, a different issue than CVE-2012-2982...