Lucene search
K

4 matches found

Positive Technologies
Positive Technologies
added 2024/09/26 12:0 a.m.6 views

PT-2024-39459 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.5.x through 9.5.8 Mattermost versions 9.9.x through 9.9.2 Mattermost versions 9.10.x through 9.10.1 Description: The issue allows an attacker to view unlinked channel files in channels they are a member of, due to a...

4.3CVSS7.1AI score0.00259EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/08/22 3:17 p.m.40 views

CVE-2024-42497 Insufficient permissions checks on teams

Mattermost versions 9.9.x = 9.9.1, 9.5.x = 9.5.7, 9.10.x = 9.10.0, 9.8.x = 9.8.2 fail to properly enforce permissions which allows a user with systems manager role with read-only access to teams to perform write operations on teams...

6CVSS0.00342EPSS
Exploits0References1
OSV
OSV
added 2024/08/01 3:32 p.m.10 views

GHSA-VVPG-55P7-5H8W Mattermost did not properly restrict channel creation

Mattermost versions 9.9.x = 9.9.0, 9.5.x = 9.5.6 fail to properly restrict channel creation which allows a malicious remote to create arbitrary channels, when shared channels were enabled...

3.8CVSS4.9AI score0.00283EPSS
Exploits0References4
NVD
NVD
added 2024/08/01 3:15 p.m.48 views

CVE-2024-36492

Mattermost versions 9.9.x = 9.9.0, 9.5.x = 9.5.6, 9.7.x = 9.7.5, 9.8.x = 9.8.1 fail to disallow the modification of local users when syncing users in shared channels. which allows a malicious remote to overwrite an existing local user...

7.4CVSS0.00296EPSS
Exploits0References1
Rows per page
Query Builder