Описание
Mattermost 6.0 and earlier fails to sufficiently validate the email address during registration, which allows attackers to trick users into signing up using attacker-controlled email addresses via crafted invitation token.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| mattermost-server | itp | package |
Примечания
https://cve.report/CVE-2021-37862 (MMSA-2021-0074)
EPSS
Процентиль: 38%
0.00168
Низкий
Связанные уязвимости
CVSS3: 3.7
nvd
около 4 лет назад
Mattermost 6.0 and earlier fails to sufficiently validate the email address during registration, which allows attackers to trick users into signing up using attacker-controlled email addresses via crafted invitation token.
github
около 4 лет назад
Mattermost 6.0 and earlier fails to sufficiently validate the email address during registration, which allows attackers to trick users into signing up using attacker-controlled email addresses via crafted invitation token.
EPSS
Процентиль: 38%
0.00168
Низкий