Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 384 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2023-47168 Open redirect in /oauth/<service>/mobile_login?redirect_to= MattermostMattermost Medium 4.3 2023-11-27 09:12:53 Deep Dive
CVE-2023-6202 Insecure Direct Object Reference in /plugins/focalboard/ api/v2/users of Mattermost Boards MattermostMattermost Medium 4.3 2023-11-27 09:12:05 Deep Dive
CVE-2023-43754 Permalink previews displayed for posts in archived channels even if users are disallowed to view archived channels MattermostMattermost Medium 4.3 2023-11-27 09:11:13 Deep Dive
CVE-2023-48369 Log Flooding due to specially crafted requests in different endpoints MattermostMattermost Medium 4.3 2023-11-27 09:10:21 Deep Dive
CVE-2023-35075 HTML injection via channel autocomplete MattermostMattermost Low 3.1 2023-11-27 09:09:20 Deep Dive
CVE-2023-40703 Denial of Service via specially crafted block fields in Mattermost Boards MattermostMattermost Medium 4.3 2023-11-27 09:08:31 Deep Dive
CVE-2023-48268 Denial of Service via Board Import Zip Bomb MattermostMattermost Medium 4.3 2023-11-27 09:07:30 Deep Dive
CVE-2023-45223 Users full name disclosure through Mattermost Boards with Show Full Name Option disabled MattermostMattermost Medium 4.3 2023-11-27 09:06:34 Deep Dive
CVE-2023-47865 Username and Icon override can be used by members when Hardened Mode is enabled MattermostMattermost Medium 4.3 2023-11-27 09:05:20 Deep Dive
CVE-2023-5969 Denial of Service via Link Preview in /api/v4/redirect_location MattermostMattermost Medium 5.3 2023-11-06 15:48:24 Deep Dive
CVE-2023-5968 Password hash in response body after username update MattermostMattermost Medium 4.9 2023-11-06 15:35:14 Deep Dive
CVE-2023-5967 Denial of Service via crashing the Calls Plugin MattermostMattermost Medium 4.3 2023-11-06 15:24:25 Deep Dive
CVE-2023-5920 Lack Of Secure Keyboard Entry Protection in MacOS Desktop MattermostMattermost Desktop Low 2.9 2023-11-02 08:34:31 Deep Dive
CVE-2023-5875 Lack of Hardening against media exploitation from a remote origin MattermostMattermost Desktop Low 3.7 2023-11-02 08:27:05 Deep Dive
CVE-2023-5876 Regex DoS from a malicious server enrolled in Desktop MattermostMattermost Desktop Low 3.1 2023-11-02 08:26:02 Deep Dive
CVE-2023-5522 Mobile app freezes when receiving a post with hundreds of emojis MattermostMattermost Medium 4.3 2023-10-17 09:41:15 Deep Dive
CVE-2023-5339 Mattermost Desktop logs all keystrokes during initial run after fresh installation  MattermostMattermost Medium 4.7 2023-10-17 09:30:42 Deep Dive
CVE-2023-5333 Denial of Service via multiple identical User IDs in /api/v4/users/ids MattermostMattermost Medium 4.3 2023-10-09 10:41:37 Deep Dive
CVE-2023-5331 File Information Leak via IDOR in file_id in Draft Posts MattermostMattermost Medium 4.3 2023-10-09 10:40:26 Deep Dive
CVE-2023-5330 Denial of Service via Opengraph Data Cache MattermostMattermost Medium 4.3 2023-10-09 10:38:39 Deep Dive