Описание
An issue was discovered in Mattermost Server before 4.4.3 and 4.3.3. Attackers could reconfigure an OAuth app in some cases where Mattermost is an OAuth 2.0 service provider.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| mattermost-server | itp | package |
EPSS
Процентиль: 36%
0.00152
Низкий
Связанные уязвимости
CVSS3: 4.3
nvd
больше 5 лет назад
An issue was discovered in Mattermost Server before 4.4.3 and 4.3.3. Attackers could reconfigure an OAuth app in some cases where Mattermost is an OAuth 2.0 service provider.
CVSS3: 4.3
github
больше 3 лет назад
Mattermost Server's OAuth 2.0 service is vulnerable to attack through Missing Authorization
EPSS
Процентиль: 36%
0.00152
Низкий