Количество 3
Количество 3
CVE-2024-39839
Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to disallow users to set their own remote username, when shared channels were enabled, which allows a user on a remote to set their remote username prop to an arbitrary string, which would be then synced to the local server as long as the user hadn't been synced before.
CVE-2024-39839
Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9. ...
GHSA-vg6q-84p8-qvqh
Mattermost allows a user on a remote to set their remote username prop to an arbitrary string
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-39839 Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to disallow users to set their own remote username, when shared channels were enabled, which allows a user on a remote to set their remote username prop to an arbitrary string, which would be then synced to the local server as long as the user hadn't been synced before. | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| CVE-2024-39839 Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9. ... | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| GHSA-vg6q-84p8-qvqh Mattermost allows a user on a remote to set their remote username prop to an arbitrary string | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу