Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
MattermostMattermost Server7.7.1

4 matches found

CVE
CVEadded 2023/03/31 12:15 p.m.65 views

CVE-2023-1776

Boards in Mattermost allows an attacker to upload a malicious SVG image file as an attachment to a card and share it using a direct link to the file.

7.3CVSS6.1AI score0.00474EPSS
CVE
CVEadded 2023/03/31 12:15 p.m.48 views

CVE-2023-1777

Mattermost allows an attacker to request a preview of an existing message when creating a new message via the createPost API call, disclosing the contents of the linked message.

6.5CVSS5.6AI score0.00181EPSS
CVE
CVEadded 2023/03/31 12:15 p.m.41 views

CVE-2023-1775

When running in a High Availability configuration, Mattermost fails to sanitize some of the user_updated and post_deleted events broadcast to all users, leading to disclosure of sensitive information to some of the users with currently connected Websocket clients.

6.5CVSS5.2AI score0.00176EPSS
CVE
CVEadded 2023/03/31 12:15 p.m.40 views

CVE-2023-1774

When processing an email invite to a private channel on a team, Mattermost fails to validate the inviter's permission to that channel, allowing an attacker to invite themselves to a private channel.

5.4CVSS4.6AI score0.00152EPSS