[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

252271

 
 

909

 
 

196835

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 251081 Download | Alert*

An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. XSS can occur via a link on an error page.

An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. An external link can occur on an error page even if it is not on an allowlist.

An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. After a restart of a server, an attacker might suddenly gain API Endpoint access.

An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. API endpoint access control does not honor an integration permission restriction.

An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. Weak hashing was used for e-mail invitations, OAuth, and e-mail verification tokens.

An issue was discovered in Mattermost Server before 3.7.3 and 3.6.5. A System Administrator can place a SAML certificate at an arbitrary pathname.

An issue was discovered in Mattermost Server before 3.7.0 and 3.6.3. Attackers can use the API for unauthenticated team creation.

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none

An issue was discovered in Mattermost Server before 3.6.2. The WebSocket feature does not follow the Same Origin Policy.

An issue was discovered in Mattermost Server before 3.6.0 and 3.5.2. XSS can occur via a link on an error page.


Pages:      Start    15160    15161    15162    15163    15164    15165    15166    15167    15168    15169    15170    15171    15172    15173    ..   25108

© SecPod Technologies