Page 7 of 187 results (0.003 seconds)

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-11070

https://notcve.org/view.php?id=CVE-2016-11070

19 Jun 2020 — An issue was discovered in Mattermost Server before 3.1.0. It allows XSS via theme color-code values. Se detectó un problema en Mattermost Server versiones anteriores a 3.1.0. Permite un ataque de tipo XSS por medio de valores de código de color del tema • https://mattermost.com/security-updates • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-11069

https://notcve.org/view.php?id=CVE-2016-11069

19 Jun 2020 — An issue was discovered in Mattermost Server before 3.2.0. It mishandles brute-force attempts at password change. Se detectó un problema en Mattermost Server versiones anteriores a 3.2.0. Maneja inapropiadamente los intentos de fuerza bruta en el cambio de contraseña • https://mattermost.com/security-updates • CWE-521: Weak Password Requirements •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-11068

https://notcve.org/view.php?id=CVE-2016-11068

19 Jun 2020 — An issue was discovered in Mattermost Server before 3.2.0. Attackers could read LDAP fields via injection. Se detectó un problema en Mattermost Server versiones anteriores a 3.2.0. Los atacantes podían leer los campos LDAP mediante inyección • https://mattermost.com/security-updates • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-11067

https://notcve.org/view.php?id=CVE-2016-11067

19 Jun 2020 — An issue was discovered in Mattermost Server before 3.2.0. It allowed crafted posts that could cause a web browser to hang. Se detectó un problema en Mattermost Server versiones anteriores a 3.2.0. Permitió publicaciones diseñadas que podrían hacer que un navegador web se bloquee • https://mattermost.com/security-updates • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-11066

https://notcve.org/view.php?id=CVE-2016-11066

19 Jun 2020 — An issue was discovered in Mattermost Server before 3.2.0. The initial_load API disclosed unnecessary personal information. Se detectó un problema en Mattermost Server versiones anteriores a 3.2.0. La API initial_load reveló información personal innecesaria • https://mattermost.com/security-updates • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-11065

https://notcve.org/view.php?id=CVE-2016-11065

19 Jun 2020 — An issue was discovered in Mattermost Server before 3.3.0. An attacker could use the WebSocket feature to send pop-up messages to users or change a post's appearance. Se detectó un problema en Mattermost Server versiones anteriores a 3.3.0. Un atacante podría usar la funcionalidad WebSocket para enviar mensajes emergentes a los usuarios o cambiar la apariencia de una publicación • https://mattermost.com/security-updates • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-11063

https://notcve.org/view.php?id=CVE-2016-11063

19 Jun 2020 — An issue was discovered in Mattermost Server before 3.5.1. XSS can occur via file preview. Se detectó un problema en Mattermost Server versiones anteriores a 3.5.1. Un ataque de tipo XSS puede presentarse por medio de la vista previa del archivo • https://mattermost.com/security-updates • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-11062

https://notcve.org/view.php?id=CVE-2016-11062

19 Jun 2020 — An issue was discovered in Mattermost Server before 3.5.1. E-mail address verification can be bypassed. Se detectó un problema en Mattermost Server versiones anteriores a 3.5.1. La verificación de la dirección de correo electrónico puede ser omitida • https://mattermost.com/security-updates • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-18921

https://notcve.org/view.php?id=CVE-2017-18921

19 Jun 2020 — An issue was discovered in Mattermost Server before 3.6.0 and 3.5.2. XSS can occur via a link on an error page. Se detectó un problema en Mattermost Server versiones anteriores a 3.6.0 y 3.5.2. Un ataque de tipo XSS puede presentarse por medio de un enlace en una página de error • https://mattermost.com/security-updates • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-18920

https://notcve.org/view.php?id=CVE-2017-18920

19 Jun 2020 — An issue was discovered in Mattermost Server before 3.6.2. The WebSocket feature does not follow the Same Origin Policy. Se detectó un problema en Mattermost Server versiones anteriores a 3.6.2. La funcionalidad WebSocket no sigue la Política del Mismo Origen • https://mattermost.com/security-updates •