Описание
Mattermost Server allows attackers to gain privileges by accessing unintended API endpoints with users' credentials
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to gain privileges by accessing unintended API endpoints on a user's behalf.
Пакеты
Наименование
github.com/mattermost/mattermost-server
go
Затронутые версииВерсия исправления
< 4.1.2
4.1.2
Наименование
github.com/mattermost/mattermost-server
go
Затронутые версииВерсия исправления
>= 4.2.0-rc1, < 4.2.1
4.2.1
Наименование
github.com/mattermost/mattermost-server
go
Затронутые версииВерсия исправления
>= 4.3.0-rc1, < 4.3.0
4.3.0
Связанные уязвимости
CVSS3: 9.8
nvd
больше 5 лет назад
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to gain privileges by accessing unintended API endpoints on a user's behalf.
CVSS3: 9.8
debian
больше 5 лет назад
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and ...