Lucene search
+L

7 matches found

redhatcve
redhatcve
added 2026/01/09 10:33 a.m.10 views

CVE-2017-18902

An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows attackers to discover team invite IDs via team API endpoints...

5.3CVSS6.9AI score0.0092EPSS
Exploits0References1
susecve
susecve
added 2025/12/17 2:19 a.m.10 views

SUSE CVE-2017-18902

An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows attackers to discover team invite IDs via team API endpoints...

5.3CVSS7AI score0.0092EPSS
Exploits0References2
osv
osv
added 2025/05/29 3:10 p.m.8 views

CVE-2025-3913 Team Privacy Settings Authorization Bypass in Mattermost Server

Mattermost versions 10.7.x = 10.7.0, 10.6.x = 10.6.2, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fail to properly validate permissions when changing team privacy settings, allowing team administrators without the 'invite user' permission to access and modify team invite IDs via the...

5.3CVSS6AI score0.00265EPSS
Exploits0References3
osv
osv
added 2022/05/24 5:21 p.m.4 views

GHSA-JWFV-5HWQ-F97R Mattermost Server exposes team invite IDs through API endpoints

An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows attackers to discover team invite IDs via team API endpoints...

5.3CVSS6.8AI score0.0092EPSS
Exploits0References3
github
github
added 2022/05/24 5:21 p.m.8 views

Mattermost Server exposes team invite IDs through API endpoints

An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows attackers to discover team invite IDs via team API endpoints...

5.3CVSS7AI score0.0092EPSS
Exploits0References3Affected Software1
nvd
nvd
added 2020/06/19 7:15 p.m.16 views

CVE-2017-18902

An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows attackers to discover team invite IDs via team API endpoints...

5.3CVSS0.0092EPSS
Exploits0References1
prion
prion
added 2020/06/19 7:15 p.m.16 views

Code injection

An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows attackers to discover team invite IDs via team API endpoints...

5CVSS5.3AI score0.0092EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder