An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2, when serving as an OAuth 2.0 Service Provider. There is low entropy for authorization data.
Published at: June 19, 2020 at 03:15PM
View on website
Etiqueta: government
New vulnerability on the NVD: CVE-2017-18884
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to gain privileges by using a registered OAuth application with personal access tokens.
Published at: June 19, 2020 at 03:15PM
View on website
New vulnerability on the NVD: CVE-2017-18885
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to gain privileges by accessing unintended API endpoints on a user’s behalf.
Published at: June 19, 2020 at 03:15PM
View on website
New vulnerability on the NVD: CVE-2017-18886
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows a bypass of restrictions on use of slash commands.
Published at: June 19, 2020 at 03:15PM
View on website
New vulnerability on the NVD: CVE-2017-18887
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It discloses the team creator’s e-mail address to members.
Published at: June 19, 2020 at 03:15PM
View on website
Educ Arte Económico 