Lucene search
K

4 matches found

OSV
OSV
added 2023/11/27 12:30 p.m.16 views

GHSA-4GHX-8JW8-P76Q Mattermost Open Redirect vulnerability

Mattermost fails to properly check a redirect URL parameter allowing for an open redirect was possible when the user clicked "Back to Mattermost" after providing a invalid custom url scheme in /oauth/service/mobilelogin?redirectto=...

4.3CVSS5.2AI score0.00403EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2023/11/27 12:30 p.m.22 views

Mattermost Open Redirect vulnerability

Mattermost fails to properly check a redirect URL parameter allowing for an open redirect was possible when the user clicked "Back to Mattermost" after providing a invalid custom url scheme in /oauth/service/mobilelogin?redirectto=...

6.1CVSS7AI score0.00403EPSS
Exploits0References3Affected Software2
Prion
Prion
added 2023/11/27 10:15 a.m.13 views

Open redirect

Mattermost fails to properly check a redirect URL parameter allowing for an open redirect was possible when the user clicked "Back to Mattermost" after providing a invalid custom url scheme in /oauth/service/mobilelogin?redirectto=...

5.8CVSS6.9AI score0.00403EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/11/27 9:12 a.m.193 views

CVE-2023-47168

Mattermost is affected by CVE-2023-47168 due to an open redirect vulnerability in the redirect_to parameter of the OAuth mobile login flow (/oauth/{service}/mobile_login?redirect_to=). The root cause is improper validation of the allowed redirect URL, which can let an attacker redirect users to a...

6.1CVSS5.2AI score0.00403EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder