An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There is SQL injection by admins via SearchAllChannels.
Published at: June 19, 2020 at 10:15AM
View on website
Etiqueta: government
New vulnerability on the NVD: CVE-2019-20843
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There are weak permissions for configuration files.
Published at: June 19, 2020 at 10:15AM
View on website
New vulnerability on the NVD: CVE-2019-20844
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. An attacker can spoof a direct-message channel by changing the type of a channel.
Published at: June 19, 2020 at 10:15AM
View on website
New vulnerability on the NVD: CVE-2019-20845
An issue was discovered in Mattermost Server before 5.18.0. It allows attackers to cause a denial of service (memory consumption) via a large Slack import.
Published at: June 19, 2020 at 10:15AM
View on website
New vulnerability on the NVD: CVE-2019-20846
An issue was discovered in Mattermost Server before 5.18.0. It has weak permissions for server-local file storage.
Published at: June 19, 2020 at 10:15AM
View on website
Educ Arte Económico 