Mattermost — безопасная платформа для совместной работы, позволяющая объединить ваши команды, инструменты и процессы для ускорения критически важной работы.
Релизный цикл, информация об уязвимостях
График релизов
Количество 263
CVE-2021-37864
Mattermost 6.1 and earlier fails to sufficiently validate permissions ...
GHSA-hvvh-wh5g-3ppr
Mattermost 6.0.2 and earlier fails to sufficiently sanitize user's password in audit logs when user creation fails.
CVE-2021-37861
Mattermost 6.0.2 and earlier fails to sufficiently sanitize user's password in audit logs when user creation fails.
CVE-2021-37861
Mattermost 6.0.2 and earlier fails to sufficiently sanitize user's pas ...
GHSA-hv5f-73mr-7vvj
Cross-site Scripting in Mattermost
CVE-2021-37860
Mattermost 5.38 and earlier fails to sufficiently sanitize clipboard contents, which allows a user-assisted attacker to inject arbitrary web script in product deployments that explicitly disable the default CSP.
CVE-2021-37860
Mattermost 5.38 and earlier fails to sufficiently sanitize clipboard c ...
CVE-2021-37859
Fixed a bypass for a reflected cross-site scripting vulnerability affecting OAuth-enabled instances of Mattermost.
CVE-2021-37859
Fixed a bypass for a reflected cross-site scripting vulnerability affe ...
CVE-2020-13891
An issue was discovered in Mattermost Mobile Apps before 1.31.2 on iOS. Unintended third-party servers could sometimes obtain authorization tokens, aka MMSA-2020-0022.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2021-37864 Mattermost 6.1 and earlier fails to sufficiently validate permissions ... | CVSS3: 2.6 | 0% Низкий | около 4 лет назад |
| GHSA-hvvh-wh5g-3ppr Mattermost 6.0.2 and earlier fails to sufficiently sanitize user's password in audit logs when user creation fails. | 0% Низкий | около 4 лет назад | |
 | CVE-2021-37861 Mattermost 6.0.2 and earlier fails to sufficiently sanitize user's password in audit logs when user creation fails. | CVSS3: 5.8 | 0% Низкий | около 4 лет назад |
| CVE-2021-37861 Mattermost 6.0.2 and earlier fails to sufficiently sanitize user's pas ... | CVSS3: 5.8 | 0% Низкий | около 4 лет назад |
| GHSA-hv5f-73mr-7vvj Cross-site Scripting in Mattermost | CVSS3: 6.1 | 0% Низкий | больше 4 лет назад |
| CVE-2021-37860 Mattermost 5.38 and earlier fails to sufficiently sanitize clipboard contents, which allows a user-assisted attacker to inject arbitrary web script in product deployments that explicitly disable the default CSP. | CVSS3: 3.7 | 0% Низкий | больше 4 лет назад |
| CVE-2021-37860 Mattermost 5.38 and earlier fails to sufficiently sanitize clipboard c ... | CVSS3: 3.7 | 0% Низкий | больше 4 лет назад |
| CVE-2021-37859 Fixed a bypass for a reflected cross-site scripting vulnerability affecting OAuth-enabled instances of Mattermost. | CVSS3: 7.1 | 45% Средний | больше 4 лет назад |
| CVE-2021-37859 Fixed a bypass for a reflected cross-site scripting vulnerability affe ... | CVSS3: 7.1 | 45% Средний | больше 4 лет назад |
| CVE-2020-13891 An issue was discovered in Mattermost Mobile Apps before 1.31.2 on iOS. Unintended third-party servers could sometimes obtain authorization tokens, aka MMSA-2020-0022. | CVSS3: 7.5 | 0% Низкий | больше 5 лет назад |
Уязвимостей на страницу