Page 3 of 11 results (0.008 seconds)

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

Mattermost webapp fails to validate route parameters in/<TEAM_NAME>/channels/<CHANNEL_NAME> allowing an attacker to perform a client-side path traversal. La aplicación web Mattermost no puede validar los parámetros de ruta en//channels/, lo que permite a un atacante realizar un path traversal del lado del cliente. • https://mattermost.com/security-updates • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •