Page 11 of 183 results (0.011 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Mattermost Server before 3.0.0. It does not ensure that a cookie is used over SSL. Se detectó un problema en Mattermost Server versiones anteriores a 3.0.0. No garantiza que una cookie sea usada sobre SSL • https://mattermost.com/security-updates • CWE-295: Improper Certificate Validation •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Mattermost Server before 3.0.0. It allows attackers to obtain sensitive information about team URLs via an API. Se detectó un problema en Mattermost Server versiones anteriores a 3.0.0. Permite a atacantes obtener información confidencial sobre las URL del equipo por medio de una API • https://mattermost.com/security-updates • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Mattermost Server before 3.0.0. A password-reset link could be reused. Se detectó un problema en Mattermost Server versiones anteriores a 3.0.0. Un enlace de restablecimiento de contraseña podría ser reutilizado • https://mattermost.com/security-updates • CWE-287: Improper Authentication •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a Legal or Support setting. Se detectó un problema en Mattermost Server versiones anteriores a 3.0.0. Permite un ataque de tipo XSS por medio de una configuración Legal o Support • https://mattermost.com/security-updates • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Mattermost Server before 3.0.2. The purposes of a session ID and a Session Token were mishandled. Se detectó un problema en Mattermost Server versiones anteriores a 3.0.2. Los propósitos de un ID de sesión y un Token de Sesión fueron manejados inapropiadamente • https://mattermost.com/security-updates • CWE-287: Improper Authentication •