Page 12 of 185 results (0.007 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a Legal or Support setting. Se detectó un problema en Mattermost Server versiones anteriores a 3.0.0. Permite un ataque de tipo XSS por medio de una configuración Legal o Support • https://mattermost.com/security-updates • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Mattermost Server before 3.0.2. The purposes of a session ID and a Session Token were mishandled. Se detectó un problema en Mattermost Server versiones anteriores a 3.0.2. Los propósitos de un ID de sesión y un Token de Sesión fueron manejados inapropiadamente • https://mattermost.com/security-updates • CWE-287: Improper Authentication •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Mattermost Server before 3.1.0. It allows XSS because the noreferrer and noopener protection mechanisms were not in place. Se detectó un problema en Mattermost Server versiones anteriores a 3.1.0. Permite un ataque de tipo XSS porque los mecanismos de protección noreferrer y noopener no estaban en su lugar • https://mattermost.com/security-updates • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Mattermost Server before 3.1.0. It allows XSS via theme color-code values. Se detectó un problema en Mattermost Server versiones anteriores a 3.1.0. Permite un ataque de tipo XSS por medio de valores de código de color del tema • https://mattermost.com/security-updates • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Mattermost Server before 3.2.0. It mishandles brute-force attempts at password change. Se detectó un problema en Mattermost Server versiones anteriores a 3.2.0. Maneja inapropiadamente los intentos de fuerza bruta en el cambio de contraseña • https://mattermost.com/security-updates • CWE-521: Weak Password Requirements •