4 matches found
CVE-2026-22545
Mattermost versions 10.11.x = 10.11.10 fail to validate user's authentication method when processing account auth type switch which allows an authenticated attacker to change account password without confirmation via falsely claiming a different auth provider.. Mattermost Advisory ID:...
Incorrect Implementation of Authentication Algorithm
Overview Affected versions of this package are vulnerable to Incorrect Implementation of Authentication Algorithm. An attacker can gain unauthorized access to another user's account by leveraging a specially crafted email address when switching authentication methods and sending a request to the...
Incorrect Implementation of Authentication Algorithm
Overview github.com/mattermost/mattermost/server/channels/app is a private-cloud Slack alternative Affected versions of this package are vulnerable to Incorrect Implementation of Authentication Algorithm. An attacker can gain unauthorized access to another user's account by leveraging a specially...
Liferay Portal Login Bypass Vulnerability
Liferay Portal 7.3.0 through 7.4.3.132, and Liferay DXP 2025.Q1 through 2025.Q1.6, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15, 7.4 GA through update 92 and 7.3 GA through update 36 allows unauthenticated users with valid...