Lucene search

K
MattermostMattermost Server5.9.0

10 matches found

CVE
CVE
added 2020/06/19 5:15 p.m.36 views

CVE-2019-20877

An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows attackers to obtain sensitive information about whether someone has 2FA enabled.

5.3CVSS5AI score0.00237EPSS
CVE
CVE
added 2020/06/19 4:15 p.m.33 views

CVE-2019-20873

An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows attackers to obtain sensitive information during user activation/deactivation.

6.5CVSS6.2AI score0.00327EPSS
CVE
CVE
added 2020/06/19 3:15 p.m.32 views

CVE-2019-20859

An issue was discovered in Mattermost Server before 5.15.0. Login access control can be bypassed via crafted input.

7.5CVSS7.5AI score0.00322EPSS
CVE
CVE
added 2020/06/19 4:15 p.m.32 views

CVE-2019-20868

An issue was discovered in Mattermost Server before 5.11.0. Invite IDs were improperly generated.

7.5CVSS7.5AI score0.00241EPSS
CVE
CVE
added 2020/06/19 4:15 p.m.32 views

CVE-2019-20871

An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. The Markdown library allows catastrophic backtracking.

7.5CVSS7.5AI score0.00389EPSS
CVE
CVE
added 2020/06/19 4:15 p.m.31 views

CVE-2019-20872

An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. SSRF can attack local services.

5.5CVSS5.4AI score0.00051EPSS
CVE
CVE
added 2020/06/19 4:15 p.m.31 views

CVE-2019-20874

An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows attackers to obtain sensitive information during a role change.

7.5CVSS7.2AI score0.00322EPSS
CVE
CVE
added 2020/06/19 5:15 p.m.30 views

CVE-2019-20876

An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. Users can deactivate themselves, bypassing a policy.

5.5CVSS5.4AI score0.00351EPSS
CVE
CVE
added 2020/06/19 5:15 p.m.30 views

CVE-2019-20878

An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. Changes, within the application, to e-mail addresses are mishandled.

4.3CVSS4.6AI score0.00226EPSS
CVE
CVE
added 2020/06/19 5:15 p.m.26 views

CVE-2019-20875

An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows a password reset to proceed while an e-mail address is being changed.

5.3CVSS5.3AI score0.00195EPSS