4 matches found
GHSA-4GHX-8JW8-P76Q Mattermost Open Redirect vulnerability
Mattermost fails to properly check a redirect URL parameter allowing for an open redirect was possible when the user clicked "Back to Mattermost" after providing a invalid custom url scheme in /oauth/service/mobilelogin?redirectto=...
Mattermost Open Redirect vulnerability
Mattermost fails to properly check a redirect URL parameter allowing for an open redirect was possible when the user clicked "Back to Mattermost" after providing a invalid custom url scheme in /oauth/service/mobilelogin?redirectto=...
Open redirect
Mattermost fails to properly check a redirect URL parameter allowing for an open redirect was possible when the user clicked "Back to Mattermost" after providing a invalid custom url scheme in /oauth/service/mobilelogin?redirectto=...
CVE-2023-47168
Mattermost is affected by CVE-2023-47168 due to an open redirect vulnerability in the redirect_to parameter of the OAuth mobile login flow (/oauth/{service}/mobile_login?redirect_to=). The root cause is improper validation of the allowed redirect URL, which can let an attacker redirect users to a...