
mattermost server

404 known vulnerabilities across versions
Vulnerabilities are listed by affected version.
CVE-2026-6347
>= 10.11.0 and < 10.11.14
Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to sanitize sensitive configuration fields in the
7.6 HIGH
CVE-2026-6346
>= 10.11.0 and < 10.11.14
Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to sanitize sensitive configuration fields before
8.7 HIGH
CVE-2026-6345
>= 10.11.0 and < 10.11.14
Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to prevent disclosure of created user password which
6.5 MEDIUM
CVE-2026-6343
>= 10.11.0 and < 10.11.14
Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to check public/private permissions which allows
4.3 MEDIUM
CVE-2026-6339
>= 11.4.0 and < 11.4.4
Mattermost versions 11.5.x <= 11.5.1, 11.4.x <= 11.4.3 fail to validate the X-Requested-With header on the burn-on-read reveal end
4.3 MEDIUM
CVE-2026-5163
>= 11.5.0 and < 11.5.2
Mattermost versions 11.5.x <= 11.5.1 fail to verify channel membership when processing AI-assisted message rewrites which allows a
6.5 MEDIUM
CVE-2026-4286
>= 10.11.0 and < 10.11.14
Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to check if {{team_id}} was being changed when updating playbooks,
3.1 LOW
CVE-2026-2325
>= 10.11.0 and < 10.11.14
Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to limit the size of the request body on the star
4.3 MEDIUM
CVE-2026-28759
>= 10.11.0 and < 10.11.14
Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to validate that a remote cluster has access to a
4.3 MEDIUM
CVE-2026-4054
>= 10.11.0 and < 10.11.14
Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to validate the response body of proxied images,
4.3 MEDIUM
CVE-2026-4053
>= 10.11.0 and < 10.11.14
Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to enforce the PostEditTimeLimit on non-message post fields which a
3.1 LOW
CVE-2026-3590
>= 10.11.0 and < 10.11.13
Mattermost versions 10.11.x <= 10.11.12, 11.5.x <= 11.5.0, 11.4.x <= 11.4.2, 11.3.x <= 11.3.2 fail to enforce atomic single-use co
6.5 MEDIUM
CVE-2026-28741
>= 10.11.0 and < 10.11.13
Mattermost versions 10.11.x <= 10.11.12, 11.5.x <= 11.5.0, 11.4.x <= 11.4.2, 11.3.x <= 11.3.2 fail to validate CSRF tokens on an a
6.8 MEDIUM
CVE-2026-27769
>= 10.11.0 and < 10.11.13
Mattermost versions 10.11.x <= 10.11.12 fail to validate whether users were correctly owned by the correct Connected Workspace whi
2.7 LOW
CVE-2026-21388
<= 2.3.1
Mattermost Plugins versions <=2.3.1 fail to limit the request body size on the {{/lifecycle}} webhook endpoint which allows an aut
3.7 LOW
CVE-2026-3115
>= 10.11.0 and < 10.11.11
Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to apply view restrictions when
4.3 MEDIUM
CVE-2026-3114
>= 10.11.0 and < 10.11.12
Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to validate decompressed archiv
6.5 MEDIUM
CVE-2026-3113
>= 10.11.0 and < 10.11.12
Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to set permissions on downloade
5.0 MEDIUM
CVE-2026-3112
>= 10.11.0 and < 10.11.12
Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to validate Advanced Logging fi
6.8 MEDIUM
CVE-2026-3108
>= 10.11.0 and < 10.11.11
Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to sanitize user-controlled pos
8.0 HIGH
CVE-2026-4274
>= 10.11.0 and < 10.11.11
Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to restrict team-level access w
5.4 MEDIUM
CVE-2026-27659
>= 10.11.0 and < 10.11.11
Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to properly validate CSRF token
4.6 MEDIUM
CVE-2026-27656
>= 10.11.0 and < 10.11.12
Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to properly validate user ident
5.7 MEDIUM
CVE-2026-26233
>= 10.11.0 and < 10.11.12
Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to rate limit login requests wh
4.3 MEDIUM
CVE-2026-20719
>= 10.11.0 and < 10.11.12
Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to prevent rendering of externa
4.3 MEDIUM
CVE-2026-2454
>= 10.11.0 and < 10.11.11
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to handle incorrectly reported array lengths whic
5.8 MEDIUM
CVE-2026-26230
>= 10.11.0 and < 10.11.11
Mattermost versions 10.11.x <= 10.11.10 fail to properly validate permission requirements in the team member roles API endpoint wh
3.8 LOW
CVE-2026-1629
>= 10.11.0 and < 10.11.11
Mattermost versions 10.11.x <= 10.11.10 fail to invalidate cached permalink preview data when a user loses channel access which al
4.3 MEDIUM
CVE-2026-26304
>= 11.2.0 and < 11.2.3
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2 fail to verify run_create permission for empty playbookId, which allows tea
4.3 MEDIUM
CVE-2026-2455
>= 10.11.0 and < 10.11.11
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to canonicalize IPv4-mapped IPv6 addresses before
4.3 MEDIUM
CVE-2026-24692
>= 10.11.0 and < 10.11.11
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to properly enforce read permissions in search AP
4.3 MEDIUM
CVE-2026-22545
>= 10.11.0 and < 10.11.11
Mattermost versions 10.11.x <= 10.11.10 fail to validate user's authentication method when processing account auth type switch whi
3.1 LOW
CVE-2026-21386
>= 10.11.0 and < 10.11.11
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to use consistent error responses when handling t
4.3 MEDIUM
CVE-2026-4265
>= 10.11.0 and < 10.11.11
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to validate team-specific upload_file permissions
4.3 MEDIUM
CVE-2026-2578
>= 11.3.0 and < 11.3.1
Mattermost versions 11.3.x <= 11.3.0 fail to preserve the redacted state of burn-on-read posts during deletion which allows channe
4.3 MEDIUM
CVE-2026-2463
>= 10.11.0 and < 10.11.11
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to filter invite IDs based on user permissions, w
4.3 MEDIUM
CVE-2026-2462
>= 10.11.0 and < 10.11.11
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to restrict plugin installation on CI test instan
6.6 MEDIUM
CVE-2026-2461
< 10.11.11
Mattermost Plugins versions <=11.3 11.0.3 11.2.2 10.10.11.0 fail to implement authorisation checks on comment block modifications,
4.3 MEDIUM
CVE-2026-2458
>= 10.11.0 and < 10.11.11
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to properly validate team membership when searchi
4.3 MEDIUM
CVE-2026-2457
>= 10.11.0 and < 10.11.11
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to sanitize client-supplied post metadata which a
4.3 MEDIUM
CVE-2026-2456
>= 10.11.0 and < 10.11.11
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to limit the size of responses from i
5.3 MEDIUM
CVE-2026-26246
>= 10.11.0 and < 10.11.11
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to bound memory allocation when processing PSD im
4.3 MEDIUM
CVE-2026-25783
>= 10.11.0 and < 10.11.11
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to properly validate User-Agent header tokens whi
4.3 MEDIUM
CVE-2026-25780
>= 10.11.0 and < 10.11.11
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to bound memory allocation when processing DOC fi
4.3 MEDIUM
CVE-2026-24458
>= 10.11.0 and < 10.11.11
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to properly handle very long passwords, which all
7.5 HIGH
CVE-2025-14573
>= 10.11.0 and < 10.11.10
Mattermost versions 10.11.x <= 10.11.9 fail to enforce invite permissions when updating team settings, which allows team administr
3.8 LOW
CVE-2025-14350
>= 10.11.0 and < 10.11.10
Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 fail to properly validate team membership when processi
4.3 MEDIUM
CVE-2025-13821
>= 10.11.0 and < 10.11.10
Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 fail to sanitize sensitive data in WebSocket messages w
5.7 MEDIUM
CVE-2026-0999
>= 10.11.0 and < 10.11.10
Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 fail to properly validate login method restrictions whi
5.4 MEDIUM
CVE-2026-0998
>= 10.11.0 and < 10.11.10
Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 and Mattermost Plugin Zoom versions <=1.11.0 fail to va
4.3 MEDIUM
CVE-2026-0997
>= 10.11.0 and < 10.11.10
Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 and Mattermost Plugin Zoom versions <=1.11.0 fail to va
4.3 MEDIUM
CVE-2026-22892
>= 10.11.0 and < 10.11.10
Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 fail to validate user permissions when creating Jira is
4.3 MEDIUM
CVE-2026-20796
>= 10.11.0 and < 10.11.10
Mattermost versions 10.11.x <= 10.11.9 fail to properly validate channel membership at the time of data retrieval which allows a d
3.1 LOW
CVE-2025-14435
>= 10.11.0 and < 10.11.9
Mattermost versions 10.11.x <= 10.11.8, 11.1.x <= 11.1.1, 11.0.x <= 11.0.6 fail to prevent infinite re-renders on API errors which
6.8 MEDIUM
CVE-2025-14822
>= 10.11.0 and < 10.11.9
Mattermost versions 10.11.x <= 10.11.8 fail to validate input size before processing hashtags which allows an authenticated attack
3.1 LOW
CVE-2025-64641
>= 10.11.0 and < 10.11.8
Mattermost versions 11.1.x <= 11.1.0, 11.0.x <= 11.0.5, 10.12.x <= 10.12.3, 10.11.x <= 10.11.7 fail to verify that post actions in
4.1 MEDIUM
CVE-2025-13767
>= 10.11.0 and < 10.11.8
Mattermost versions 11.1.x <= 11.1.0, 11.0.x <= 11.0.5, 10.12.x <= 10.12.3, 10.11.x <= 10.11.7 fail to validate user channel memb
4.3 MEDIUM
CVE-2025-14273
>= 10.11.0 and < 10.11.8
Mattermost versions 11.1.x <= 11.1.0, 11.0.x <= 11.0.5, 10.12.x <= 10.12.3, 10.11.x <= 10.11.7 with the Jira plugin enabled and Ma
7.2 HIGH
CVE-2025-13324
>= 10.11.0 and < 10.11.6
Mattermost versions 10.11.x <= 10.11.5, 11.0.x <= 11.0.4, 10.12.x <= 10.12.2 fail to invalidate remote cluster invite tokens when
3.7 LOW
CVE-2025-12689
>= 10.11.0 and < 10.11.7
Mattermost versions 11.0.x <= 11.0.4, 10.12.x <= 10.12.2, 10.11.x <= 10.11.6 fail to check WebSocket request field for proper UTF-
6.5 MEDIUM
CVE-2025-62690
>= 10.11.0 and < 10.11.5
Mattermost versions 10.11.x <= 10.11.4 fail to validate redirect URLs on the /error page, which allows an attacker to redirect a v
3.1 LOW
CVE-2025-62190
>= 10.11.0 and < 10.11.7
Mattermost versions 11.0.x <= 11.0.4, 10.12.x <= 10.12.2, 10.11.x <= 10.11.6 and Mattermost Calls versions <=1.10.0 fail to implem
4.3 MEDIUM
CVE-2025-13352
>= 10.11.0 and < 10.11.7
Mattermost versions 10.11.x <= 10.11.6 and Mattermost GitHub plugin versions <=2.4.0 fail to validate plugin bot identity in react
3.0 LOW
CVE-2025-13870
>= 10.5.0 and < 10.5.13
Mattermost versions 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to validate the user permission when accessing the files and subscr
3.1 LOW
CVE-2025-12756
>= 10.5.0 and < 10.5.13
Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to validate user permissions
4.3 MEDIUM
CVE-2025-12421
>= 10.5.0 and < 10.5.13
Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to verify that the token u
9.9 CRITICAL
CVE-2025-12559
>= 10.5.0 and < 10.5.13
Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to sanitize team email addres
4.3 MEDIUM
CVE-2025-12419
>= 10.5.0 and < 10.5.13
Mattermost versions 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12, 11.0.x <= 11.0.3 fail to properly validate OAuth st
9.9 CRITICAL
CVE-2025-55074
>= 10.5.0 and < 10.5.12
Mattermost versions 10.11.x <= 10.11.3, 10.5.x <= 10.5.11 fail to enforce access permissions on the Agents plugin which allows oth
3.0 LOW
CVE-2025-11794
>= 10.5.0 and < 10.5.12
Mattermost versions 10.11.x <= 10.11.3, 10.5.x <= 10.5.11, 10.12.x <= 10.12.0 fail to sanitize user data which allows system admin
4.9 MEDIUM
CVE-2025-55073
>= 10.5.0 and < 10.5.12
Mattermost versions 10.11.x <= 10.11.3, 10.5.x <= 10.5.11, 10.12.x <= 10.12.0 fail to validate the relationship between the post b
5.4 MEDIUM
CVE-2025-55070
< 11.0.0
Mattermost versions <11 fail to enforce multi-factor authentication on WebSocket connections which allows unauthenticated users to
6.5 MEDIUM
CVE-2025-41436
< 11.0.0
Mattermost versions <11.0 fail to properly enforce the "Allow users to view archived channels" setting which allows regular users
3.1 LOW
CVE-2025-11776
< 11.0.0
Mattermost versions <11 fail to properly restrict access to archived channel search API which allows guest users to discover archi
4.3 MEDIUM
CVE-2025-11777
>= 10.5.0 and < 10.5.12
Mattermost versions 10.11.x <= 10.11.3, 10.5.x <= 10.5.11 fail to properly validate team membership permissions in the Add Channel
3.1 LOW
CVE-2025-58075
>= 10.5.0 and < 10.5.11
Mattermost versions 10.11.x <= 10.11.1, 10.10.x <= 10.10.2, 10.5.x <= 10.5.10 fail to verify a user has permission to join a Matte
8.1 HIGH
CVE-2025-58073
>= 10.5.0 and < 10.5.11
Mattermost versions 10.11.x <= 10.11.1, 10.10.x <= 10.10.2, 10.5.x <= 10.5.10 fail to verify a user has permission to join a Matte
8.1 HIGH
CVE-2025-54499
>= 10.5.0 and < 10.5.11
Mattermost versions 10.5.x <= 10.5.10, 10.11.x <= 10.11.2 fail to use constant-time comparison for sensitive string comparisons wh
3.1 LOW
CVE-2025-41410
>= 10.5.0 and < 10.5.11
Mattermost versions 10.10.x <= 10.10.2, 10.5.x <= 10.5.10, 10.11.x <= 10.11.2 fail to validate email ownership during Slack import
5.4 MEDIUM
CVE-2025-10545
>= 10.5.0 and < 10.5.11
Mattermost versions 10.5.x <= 10.5.10, 10.11.x <= 10.11.2 fail to properly validate guest user permissions when adding channel mem
3.1 LOW
CVE-2025-41443
>= 10.5.0 and < 10.5.11
Mattermost versions 10.5.x <= 10.5.12, 10.11.x <= 10.11.2 fail to properly validate guest user permissions when accessing channel
4.3 MEDIUM
CVE-2025-9081
>= 9.11.0 and < 9.11.17
Mattermost versions 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to properly validate access controls which allows any authenticated u
3.1 LOW
CVE-2025-9079
>= 9.11.0 and < 9.11.18
Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17, 10.10.x <= 10.10.1, 10.9.x <= 10.9.3 fail to validate i
8.0 HIGH
CVE-2025-9084
>= 10.5.0 and < 10.5.10
Mattermost versions 10.5.x <= 10.5.9 fail to properly validate redirect URLs which allows attackers to redirect users to malicious
3.1 LOW
CVE-2025-9072
>= 10.5.0 and < 10.5.10
Mattermost versions 10.10.x <= 10.10.1, 10.5.x <= 10.5.9, 10.9.x <= 10.9.4 fail to validate the redirect_to parameter, allowing an
7.6 HIGH
CVE-2025-9078
>= 9.11.0 and < 9.11.18
Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17, 10.10.x <= 10.10.1, 10.9.x <= 10.9.3 fail to properly v
4.3 MEDIUM
CVE-2025-9076
>= 10.10.0 and < 10.10.2
Mattermost versions 10.10.x <= 10.10.1 fail to properly sanitize user data during shared channel membership synchronization, which
6.5 MEDIUM
CVE-2025-8402
>= 9.11.0 and < 9.11.18
Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17, 10.10.x <= 10.10.0, 10.9.x <= 10.9.3 fail to validate i
4.9 MEDIUM
CVE-2025-6465
>= 10.5.0 and < 10.5.9
Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 10.10.x <= 10.10.0, 10.9.x <= 10.9.3 fail to sanitize file names which all
4.3 MEDIUM
CVE-2025-8023
>= 9.11.0 and < 9.11.18
Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17, 10.9.x <= 10.9.2 fail to sanitize path traversal seque
6.8 MEDIUM
CVE-2025-53971
>= 9.11.0 and < 9.11.18
Mattermost versions 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to properly validate authorization for team scheme role modifications
3.8 LOW
CVE-2025-49810
>= 10.5.0 and < 10.5.9
Mattermost versions 10.5.x <= 10.5.8 fail to validate access controls at time of access which allows user to read a thread via AI
3.5 LOW
CVE-2025-49222
>= 9.11.0 and < 9.11.18
Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17, 10.9.x <= 10.9.2, 10.10.x <= 10.10.0 fail to validate u
6.8 MEDIUM
CVE-2025-47870
>= 9.11.0 and < 9.11.18
Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17, 10.9.x <= 10.9.2 fail to sanitize the team invite ID in
4.3 MEDIUM
CVE-2025-47700
>= 10.5.0 and < 10.5.9
Mattermost Server versions 10.5.x <= 10.5.9 utilizing the Agents plugin fail to reject empty request bodies which allows users to
3.5 LOW
CVE-2025-36530
>= 9.11.0 and < 9.11.18
Mattermost versions 10.9.x <= 10.9.1, 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to properly validate file paths d
6.8 MEDIUM
CVE-2025-6227
>= 9.11.0 and < 9.11.17
Mattermost versions 10.5.x <= 10.5.7, 9.11.x <= 9.11.16 fail to negotiate a new token when accepting the invite which allows a use
2.2 LOW
CVE-2025-6233
>= 9.11.0 and < 9.11.17
Mattermost versions 10.8.x <= 10.8.1, 10.7.x <= 10.7.3, 10.5.x <= 10.5.7, 9.11.x <= 9.11.16 fail to sanitize input paths of file a
6.8 MEDIUM
CVE-2025-6226
>= 9.11.0 and < 9.11.17
Mattermost versions 10.5.x <= 10.5.6, 10.8.x <= 10.8.1, 10.7.x <= 10.7.3, 9.11.x <= 9.11.16 fail to verify authorization when retr
6.5 MEDIUM
CVE-2025-47871
>= 9.11.0 and < 9.11.16
Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5 fail to properly val
4.3 MEDIUM
CVE-2025-46702
>= 9.11.0 and < 9.11.16
Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5 fail to properly enf
5.4 MEDIUM
CVE-2025-3228
>= 9.11.0 and < 9.11.16
Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5 fail to properly ret
4.3 MEDIUM
CVE-2025-3227
>= 9.11.0 and < 9.11.16
Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5 fail to properly enf
4.3 MEDIUM
CVE-2025-4981
>= 9.11.0 and < 9.11.16
Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5 fail to sanitize fil
9.9 CRITICAL
CVE-2025-4573
>= 9.11.0 and < 9.11.14
Mattermost versions 10.7.x <= 10.7.1, 10.6.x <= 10.6.3, 10.5.x <= 10.5.4, 9.11.x <= 9.11.13 fail to properly validate LDAP group I
4.1 MEDIUM
CVE-2025-4128
>= 9.11.0 and < 9.11.14
Mattermost versions 10.5.x <= 10.5.4, 9.11.x <= 9.11.13 fail to properly restrict API access to team information, allowing guest u
3.1 LOW
CVE-2025-3611
>= 9.11.0 and < 9.11.13
Mattermost versions 10.7.x <= 10.7.0, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fail to properly enforce access control restrictions fo
3.1 LOW
CVE-2025-3230
>= 9.11.0 and < 9.11.13
Mattermost versions 10.7.x <= 10.7.0, 10.6.x <= 10.6.2, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fail to properly invalidate personal
5.4 MEDIUM
CVE-2025-2571
>= 9.11.0 and < 9.11.13
Mattermost versions 10.7.x <= 10.7.0, 10.6.x <= 10.6.2, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fail to clear Google OAuth credentials
4.2 MEDIUM
CVE-2025-1792
>= 9.11.0 and < 9.11.13
Mattermost versions 10.7.x <= 10.7.0, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fail to properly enforce access controls for guest users
3.1 LOW
CVE-2025-3913
>= 9.11.0 and < 9.11.13
Mattermost versions 10.7.x <= 10.7.0, 10.6.x <= 10.6.2, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fail to properly validate permissions
5.3 MEDIUM
CVE-2025-2570
>= 9.11.0 and < 9.11.12
Mattermost versions 10.5.x <= 10.5.3, 9.11.x <= 9.11.11 fail to check RestrictSystemAdmin setting if user doesn't have access to
2.7 LOW
CVE-2025-2527
>= 9.11.0 and < 9.11.12
Mattermost versions 10.5.x <= 10.5.2, 9.11.x <= 9.11.11 failed to properly verify a user's permissions when accessing groups, whic
4.3 MEDIUM
CVE-2025-3446
>= 9.11.0 and < 9.11.12
Mattermost versions 10.6.x <= 10.6.1, 10.5.x <= 10.5.2, 10.4.x <= 10.4.4, 9.11.x <= 9.11.11 fail to check the correct permissions
4.3 MEDIUM
CVE-2025-31947
>= 9.11.0 and < 9.11.12
Mattermost versions 10.6.x <= 10.6.1, 10.5.x <= 10.5.2, 10.4.x <= 10.4.4, 9.11.x <= 9.11.11 fail to lockout LDAP users following r
5.8 MEDIUM
CVE-2025-41423
>= 9.11.0 and < 9.11.11
Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.10 fail to properly validate permissions for the API endpo
3.1 LOW
CVE-2025-41395
>= 9.11.0 and < 9.11.11
Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.10 fail to properly validate the props used by the Retrospe
6.5 MEDIUM
CVE-2025-35965
>= 9.11.0 and < 9.11.11
Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.10 fail to validate the uniqueness and quantity of task act
6.5 MEDIUM
CVE-2025-2564
>= 9.11.0 and < 9.11.10
Mattermost versions 10.5.x <= 10.5.1, 10.4.x <= 10.4.3, 9.11.x <= 9.11.9 fail to properly enforce the 'Allow users to view/update
4.3 MEDIUM
CVE-2025-31363
>= 9.11.0 and < 9.11.10
Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.9 fail to restrict domains the LLM can request to contact u
3.0 LOW
CVE-2025-27936
< 10.5.2
Mattermost Plugin MSTeams versions <2.1.0 and Mattermost Server versions 10.5.x <=10.5.1 with the MS Teams plugin enabled fail to
5.3 MEDIUM
CVE-2025-27571
>= 9.11.0 and < 9.11.10
Mattermost versions 10.5.x <= 10.5.1, 10.4.x <= 10.4.3, 9.11.x <= 9.11.9 fail to check the "Allow Users to View Archived Channels"
4.3 MEDIUM
CVE-2025-27538
>= 9.11.0 and < 9.11.10
Mattermost versions 10.5.x <= 10.5.1, 9.11.x <= 9.11.9 fail to enforce MFA checks in PUT /api/v4/users/user-id/mfa when the reques
2.2 LOW
CVE-2025-24839
>= 9.11.0 and < 9.11.10
Mattermost versions 10.5.x <= 10.5.1, 10.4.x <= 10.4.3, 9.11.x <= 9.11.9 fail to prevent Wrangler posts from triggering AI respons
3.1 LOW
CVE-2025-2475
>= 9.11.0 and < 9.11.10
Mattermost versions 10.5.x <= 10.5.1, 10.4.x <= 10.4.3, 9.11.x <= 9.11.9 fail to invalidate the cache when a user account is conve
5.4 MEDIUM
CVE-2025-2424
>= 9.11.0 and < 9.11.10
Mattermost versions 10.5.x <= 10.5.1, 9.11.x <= 9.11.9 fail to check if a file has been deleted when creating a bookmark which all
3.1 LOW
CVE-2025-32093
>= 9.11.0 and < 9.11.10
Mattermost versions 10.5.x <= 10.5.1, 10.4.x <= 10.4.3, 9.11.x <= 9.11.9 fail to restrict certain operations on system admins to o
4.7 MEDIUM
CVE-2025-24866
>= 9.11.0 and < 9.11.9
Mattermost versions 9.11.x <= 9.11.8 fail to enforce proper access controls on the /api/v4/audits endpoint, allowing users with
2.7 LOW
CVE-2025-30179
>= 9.11.0 and < 9.11.9
Mattermost versions 10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x <= 9.11.8 fail to enforce MFA on certain search APIs, which allows
4.3 MEDIUM
CVE-2025-27933
>= 9.11.0 and < 9.11.9
Mattermost versions 10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x <= 9.11.8 fail to enforce channel conversion restrictions,
5.4 MEDIUM
CVE-2025-27715
>= 9.11.0 and < 9.11.9
Mattermost versions 9.11.x <= 9.11.8 fail to prompt for explicit approval before adding a team admin to a private channel, which t
3.3 LOW
CVE-2025-25274
>= 9.11.0 and < 9.11.9
Mattermost versions 10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x <= 9.11.8 fail to restrict command execution in archived channels,
4.3 MEDIUM
CVE-2025-25068
>= 9.11.0 and < 9.11.9
Mattermost versions 10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x <= 9.11.8, 10.5.x <= 10.5.0 fail to enforce MFA on plugin endpoints
7.5 HIGH
CVE-2025-24920
>= 9.11.0 and < 9.11.9
Mattermost versions 10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x <= 9.11.8, 10.5.x <= 10.5.0 fail to restrict bookmark creation and
4.3 MEDIUM
CVE-2025-1472
>= 9.11.0 and < 9.11.9
Mattermost versions 9.11.x <= 9.11.8 fail to properly perform authorization of the Viewer role which allows an attacker with the V
4.3 MEDIUM
CVE-2025-25279
>= 9.11.0 and < 9.11.8
Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to properly validate board blocks
9.9 CRITICAL
CVE-2025-24526
>= 9.11.0 and < 9.11.8
Mattermost versions 10.1.x <= 10.1.3, 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to restrict chan
4.3 MEDIUM
CVE-2025-24490
>= 9.11.0 and < 9.11.8
Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to use prepared statements in the
9.6 CRITICAL
CVE-2025-20051
>= 9.11.0 and < 9.11.8
Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to properly validate input when pa
9.9 CRITICAL
CVE-2025-1412
>= 9.11.0 and < 9.11.7
Mattermost versions 9.11.x <= 9.11.6, 10.4.x <= 10.4.1 fail to invalidate all active sessions when converting a user to a bot, wit
3.1 LOW
CVE-2025-0503
>= 9.11.0 and < 9.11.7
Mattermost versions 9.11.x <= 9.11.6 fail to filter out DMs from the deleted channels endpoint which allows an attacker to infer u
3.1 LOW
CVE-2025-20621
>= 9.11.0 and < 9.11.6
Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3 fail to properly handle posts with atta
6.5 MEDIUM
CVE-2025-20088
>= 9.11.0 and < 9.11.6
Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3 fail to properly validate post props wh
6.5 MEDIUM
CVE-2025-20086
>= 9.11.0 and < 9.11.6
Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3 fail to properly validate post props wh
6.5 MEDIUM
CVE-2025-21088
>= 9.11.0 and < 9.11.6
Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3 fail to properly validate the style of
6.5 MEDIUM
CVE-2025-22449
>= 9.11.0 and < 9.11.6
Mattermost versions 9.11.x <= 9.11.5 fail to enforce invite permissions, which allows team admins, with no permission to invite us
3.8 LOW
CVE-2025-22445
>= 10.0.0 and < 10.3.0
Mattermost versions 10.x <= 10.2 fail to accurately reflect missing settings, which allows confusion for admins regarding a Calls
3.5 LOW
CVE-2025-20033
>= 9.11.0 and < 9.11.6
Mattermost versions 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3 fail to properly validate post types, which allow
4.3 MEDIUM
CVE-2024-54682
>= 9.5.0 and < 9.5.13
Mattermost versions 10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x <= 9.11.4, 9.5.x <= 9.5.12 fail to limit the file size for slack im
6.5 MEDIUM
CVE-2024-54083
>= 9.5.0 and < 9.5.13
Mattermost versions 10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x <= 9.11.4, 9.5.x <= 9.5.12 fail to properly validate the type of c
6.5 MEDIUM
CVE-2024-48872
>= 9.5.0 and < 9.5.13
Mattermost versions 10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x <= 9.11.4, and 9.5.x <= 9.5.12 fail to prevent concurrently checki
4.8 MEDIUM
CVE-2024-12247
>= 9.7.0 and < 9.7.6
Mattermost versions 9.7.x <= 9.7.5, 9.8.x <= 9.8.2 and 9.9.x <= 9.9.2 fail to properly propagate permission scheme updates across
4.6 MEDIUM
CVE-2024-11599
>= 9.5.0 and < 9.5.12
Mattermost versions 10.0.x <= 10.0.1, 10.1.x <= 10.1.1, 9.11.x <= 9.11.3, 9.5.x <= 9.5.11 fail to properly validate email addresse
8.2 HIGH
CVE-2024-52032
>= 9.11.0 and < 9.11.3
Mattermost versions 10.0.x <= 10.0.0 and 9.11.x <= 9.11.2 fail to properly query ElasticSearch when searching for the channel nam
4.3 MEDIUM
CVE-2024-42000
>= 9.5.0 and < 9.5.10
Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 and 10.0.x <= 10.0.0 fail to properly authorize the request
2.7 LOW
CVE-2024-36250
>= 9.5.0 and < 9.5.11
Mattermost versions 9.11.x <= 9.11.2, and 9.5.x <= 9.5.10 fail to protect the mfa code against replay attacks, which allows an at
3.1 LOW
CVE-2024-47401
>= 9.5.0 and < 9.5.10
Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1 and 9.5.x <= 9.5.9 fail to prevent detailed error messages from being disp
4.3 MEDIUM
CVE-2024-46872
>= 9.5.0 and <= 9.5.9
Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 fail to sanitize user inputs in the frontend that are used
4.6 MEDIUM
CVE-2024-50052
>= 9.5.0 and < 9.5.10
Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 fail to check that the origin of the message in an integra
4.3 MEDIUM
CVE-2024-10241
>= 9.5.0 and < 9.5.10
Mattermost versions 9.5.x <= 9.5.9 fail to properly filter the channel data when ElasticSearch is enabled which allows a user to g
4.3 MEDIUM
CVE-2024-9155
>= 9.5.0 and < 9.5.9
Mattermost versions 9.10.x <= 9.10.1, 9.9.x <= 9.9.2, 9.5.x <= 9.5.8 fail to limit access to channels files that have not been lin
4.3 MEDIUM
CVE-2024-47145
>= 9.5.0 and < 9.5.9
Mattermost versions 9.5.x <= 9.5.8 fail to properly authorize access to archived channels when viewing archived channels is disabl
3.1 LOW
CVE-2024-47003
>= 9.5.0 and < 9.5.9
Mattermost versions 9.11.x <= 9.11.0 and 9.5.x <= 9.5.8 fail to validate that the message of the permalink post is a string, whic
3.1 LOW
CVE-2024-45843
>= 9.5.0 and < 9.5.9
Mattermost versions 9.5.x <= 9.5.8 fail to include the metadata endpoints of Oracle Cloud and Alibaba in the SSRF denylist, whic
3.1 LOW
CVE-2024-42406
>= 9.5.0 and < 9.5.9
Mattermost versions 9.11.x <= 9.11.0, 9.10.x <= 9.10.1, 9.9.x <= 9.9.2 and 9.5.x <= 9.5.8 fail to properly authorize requests when
5.4 MEDIUM
CVE-2024-43780
>= 9.5.0 and < 9.5.8
Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.0, 9.8.x <= 9.8.2 fail to enforce permissions which allows a guest user w
4.3 MEDIUM
CVE-2024-42497
>= 9.5.0 and < 9.5.8
Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2 fail to properly enforce permissions which al
6.0 MEDIUM
CVE-2024-40884
>= 9.5.0 and < 9.5.8
Mattermost versions 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 fail to properly enforce permissions which allows a team admin user without "
2.7 LOW
CVE-2024-41926
>= 9.5.0 and < 9.5.7
Mattermost versions 9.9.x <= 9.9.0 and 9.5.x <= 9.5.6 fail to validate the source of sync messages and only allow the correct remo
2.7 LOW
CVE-2024-41162
>= 9.5.0 and < 9.5.7
Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5 and 9.8.x <= 9.8.1 fail to disallow the modification of local
4.1 MEDIUM
CVE-2024-41144
>= 9.5.0 and < 9.5.7
Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to properly validate synced posts, when s
5.5 MEDIUM
CVE-2024-39839
>= 9.5.0 and < 9.5.7
Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to disallow users to set their own remote
4.3 MEDIUM
CVE-2024-39837
>= 9.5.0 and < 9.5.7
Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6 fail to properly restrict channel creation which allows a malicious remote to
3.8 LOW
CVE-2024-5272
>= 8.1.0 and < 8.1.13
Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1, 8.1.x <= 8.1.12 fail to restrict the audience of the "custom_playbooks_playbo
4.3 MEDIUM
CVE-2024-5270
>= 8.1.0 and < 8.1.13
Mattermost versions 9.5.x <= 9.5.3, 9.7.x <= 9.7.1, 9.6.x <= 9.6.1 and 8.1.x <= 8.1.12 fail to check if the email signup configura
4.3 MEDIUM
CVE-2024-36255
>= 8.1.0 and < 8.1.13
Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1 and 8.1.x <= 8.1.12 fail to perform proper input validation on post actions whi
5.7 MEDIUM
CVE-2024-36241
>= 8.1.0 and < 8.1.13
Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1 and 8.1.x <= 8.1.12 fail to enforce proper access controls which allows user to
3.1 LOW
CVE-2024-34152
>= 8.1.0 and < 8.1.13
Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1 and 8.1.x <= 8.1.12 fail to perform proper access control which allows a guest
4.3 MEDIUM
CVE-2024-34029
>= 8.1.0 and < 8.1.13
Mattermost versions 9.5.x <= 9.5.3, 9.7.x <= 9.7.1 and 8.1.x <= 8.1.12 fail to perform a proper authorization check in the /api/v4
4.3MEDIUM
CVE-2024-32045
>= 8.1.0 and < 8.1.13
Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1, 8.1.x <= 8.1.12 fail to enforce proper access controls for channel and team me
5.9MEDIUM
CVE-2024-31859
>= 8.1.0 and < 8.1.13
Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1 and 8.1.x <= 8.1.12 fail to perform proper authorization checks which allows a
4.3MEDIUM
CVE-2024-29215
>= 8.1.0 and < 8.1.13
Mattermost versions 9.5.x <= 9.5.3, 9.7.x <= 9.7.1, 9.6.x <= 9.6.1, 8.1.x <= 8.1.12 fail to enforce proper access control which al
4.3MEDIUM
CVE-2024-4198
>= 8.1.0 and < 8.1.12
Mattermost versions 9.6.0, 9.5.x before 9.5.3, and 8.1.x before 8.1.12 fail to fully validate role changes which allows an attacke
2.7LOW
CVE-2024-4195
>= 8.1.0 and < 8.1.12
Mattermost versions 9.6.0, 9.5.x before 9.5.3, and 8.1.x before 8.1.12 fail to fully validate role changes, which allows an attack
2.7LOW
CVE-2024-4183
>= 8.1.0 and < 8.1.12
Mattermost versions 8.1.x before 8.1.12, 9.6.x before 9.6.1, 9.5.x before 9.5.3, 9.4.x before 9.4.5 fail to limit the number of ac
4.3MEDIUM
CVE-2024-4182
>= 8.1.0 and < 8.1.12
Mattermost versions 9.6.0, 9.5.x before 9.5.3, 9.4.x before 9.4.5, and 8.1.x before 8.1.12 fail to handle JSON parsing errors in c
4.3MEDIUM
CVE-2024-32046
>= 8.1.0 and < 8.1.12
Mattermost versions 9.6.x <= 9.6.0, 9.5.x <= 9.5.2, 9.4.x <= 9.4.4 and 8.1.x <= 8.1.11 fail to remove detailed error messages in A
4.3MEDIUM
CVE-2024-22091
>= 8.1.0 and < 8.1.12
Mattermost versions 8.1.x <= 8.1.10, 9.6.x <= 9.6.0, 9.5.x <= 9.5.2 and 8.1.x <= 8.1.11 fail to limit the size of a request path t
3.1LOW
CVE-2024-2447
>= 8.1.0 and < 8.1.11
Mattermost versions 8.1.x before 8.1.11, 9.3.x before 9.3.3, 9.4.x before 9.4.4, and 9.5.x before 9.5.2 fail to authenticate the s
6.5MEDIUM
CVE-2024-29221
>= 8.1.0 and < 8.1.11
Improper Access Control in Mattermost Server versions 9.5.x before 9.5.2, 9.4.x before 9.4.4, 9.3.x before 9.3.3, 8.1.x before 8.1
4.7MEDIUM
CVE-2024-28949
>= 8.1.0 and < 8.1.11
Mattermost Server versions 9.5.x before 9.5.2, 9.4.x before 9.4.4, 9.3.x before 9.3.3, 8.1.x before 8.1.11 don't limit the number
4.3MEDIUM
CVE-2024-21848
>= 8.1.0 and < 8.1.11
Improper Access Control in Mattermost Server versions 8.1.x before 8.1.11 allows an attacker that is in a channel with an active c
3.1LOW
CVE-2024-2450
>= 8.1.0 and < 8.1.10
Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.4.3 fail to correctly verify a
8.8HIGH
CVE-2024-2446
>= 8.1.0 and < 8.1.10
Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.4.3 fail to limit the number o
4.3MEDIUM
CVE-2024-2445
>= 8.1.0 and < 8.1.10
Mattermost Jira plugin versions shipped with Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and
6.1MEDIUM
CVE-2024-28053
>= 8.1.0 and < 8.1.10
Resource Exhaustion in Mattermost Server versions 8.1.x before 8.1.10 fails to limit the size of the payload that can be read and
3.1LOW
CVE-2024-1953
>= 8.1.0 and < 8.1.9
Mattermost versions 8.1.x before 8.1.9, 9.2.x before 9.2.5, 9.3.0, and 9.4.x before 9.4.2 fail to limit the number of role names r
4.3MEDIUM
CVE-2024-1952
>= 8.1.0 and < 8.1.9
Mattermost version 8.1.x before 8.1.9 fails to sanitize data associated with permalinks when a plugin updates an ephemeral post, a
3.1LOW
CVE-2024-1949
>= 8.1.0 and < 8.1.9
A race condition in Mattermost versions 8.1.x before 8.1.9, and 9.4.x before 9.4.2 allows an authenticated attacker to gain unauth
2.6LOW
CVE-2024-1942
>= 8.1.0 and < 8.1.9
Mattermost versions 8.1.x before 8.1.9, 9.2.x before 9.2.5, and 9.3.0 fail to sanitize the metadata on posts containing permalinks
4.3MEDIUM
CVE-2024-1888
< 8.1.9
Mattermost fails to check the "invite_guest" permission when inviting guests of other teams to a team, allowing a member with pe
4.3MEDIUM
CVE-2024-24988
< 8.1.8
Mattermost fails to properly validate the length of the emoji value in the custom user status, allowing an attacker to send multi
4.3MEDIUM
CVE-2024-23493
< 8.1.9
Mattermost fails to properly authorize the requests fetching team associated AD/LDAP groups, allowing a user to fetch details of
4.3MEDIUM
CVE-2024-23488
< 8.1.9
Mattermost fails to properly restrict the access of files attached to posts in an archived channel, resulting in members being abl
3.1LOW
CVE-2024-1887
< 8.1.9
Mattermost fails to check if compliance export is enabled when fetching posts of public channels allowing a user that is not a mem
4.3MEDIUM
CVE-2024-1402
<= 8.1.7
Mattermost fails to check if a custom emoji reaction exists when sending it to a post and to limit the amount of custom emojis all
4.3MEDIUM
CVE-2024-24776
<= 8.1.7
Mattermost fails to check the required permissions in the POST /api/v4/channels/stats/member_count API resulting in channel memb
3.1LOW
CVE-2024-24774
<= 8.1.7
Mattermost Jira Plugin handling subscriptions fails to check the security level of an incoming issue or limit it based on the user
3.4LOW
CVE-2024-23319
<= 8.1.7
Mattermost Jira Plugin fails to protect against logout CSRF allowing an attacker to post a specially crafted message that would di
3.5LOW
CVE-2023-50333
< 8.1.7
Mattermost fails to update the permissions of the current session for a user who was just demoted to guest, allowing freshly demo
3.7LOW
CVE-2023-48732
< 8.1.7
Mattermost fails to scope the WebSocket response around notified users to each user separately resulting in the WebSocket broa
4.3MEDIUM
CVE-2023-47858
< 8.1.7
Mattermost fails to properly verify the permissions needed for viewing archived public channels, allowing a member of one team
4.3MEDIUM
CVE-2023-7113
< 8.1.7
Mattermost version 8.1.6 and earlier fails to sanitize channel mention data in posts, which allows an attacker to inject markup in
3.7LOW
CVE-2023-6727
<= 8.1.5
Mattermost fails to perform correct authorization checks when creating a playbook action, allowing users without access to the pla
3.1LOW
CVE-2023-6547
<= 8.1.5
Mattermost fails to validate team membership when a user attempts to access a playbook, allowing a user with permissions to a play
3.7LOW
CVE-2023-49874
<= 7.8.14
Mattermost fails to check whether a user is a guest when updating the tasks of a private playbook run allowing a guest to update
4.3MEDIUM
CVE-2023-49809
<= 8.1.5
Mattermost fails to handle a null request body in the /add endpoint, allowing a simple member to send a request with null request
4.3MEDIUM
CVE-2023-49607
<= 7.8.14
Mattermost fails to validate the type of the "reminder" body request parameter allowing an attacker to crash the Playbook Plugin w
4.3MEDIUM
CVE-2023-46701
<= 7.8.14
Mattermost fails to perform authorization checks in the /plugins/playbooks/api/v0/runs/add-to-timeline-dialog endpoint of the Pla
6.5MEDIUM
CVE-2023-45847
<= 7.8.14
Mattermost fails to check the length when setting the title in a run checklist in Playbooks, allowing an attacker to send a spe
4.3MEDIUM
CVE-2023-45316
<= 7.8.14
Mattermost fails to validate if a relative path is passed in /plugins/playbooks/api/v0/telemetry/run/<telem_run_id> as a telemetry
7.3HIGH
CVE-2023-6459
< 7.8.14
Mattermost is grouping calls in the /metrics endpoint by id and reports that id in the response. Since this id is the channelID,
5.3MEDIUM
CVE-2023-6458
< 7.8.14
Mattermost webapp fails to validate route parameters in /<TEAM_NAME>/channels/<CHANNEL_NAME> allowing an attacker to perform a cl
7.1HIGH
CVE-2023-5333
< 7.8.11
Mattermost fails to deduplicate input IDs allowing a simple user to cause the application to consume excessive resources and poss
4.3MEDIUM
CVE-2023-5331
< 7.8.11
Mattermost fails to properly check the creator of an attached file when adding the file to a draft post, potentially exposing una
4.3MEDIUM
CVE-2023-5330
< 7.8.11
Mattermost fails to enforce a limit for the size of the cache entry for OpenGraph data allowing an attacker to send a specially
4.3MEDIUM
CVE-2023-4478
< 7.8.9
Mattermost fails to restrict which parameters' values it takes from the request during signup allowing an attacker to register use
4.3MEDIUM
CVE-2023-3614
< 7.8.7
Mattermost fails to properly validate a gif image file, allowing an attacker to consume a significant amount of server resources,
4.3MEDIUM
CVE-2023-3613
< 7.8.6
Mattermost WelcomeBot plugin fails to validate the membership status when inviting or adding users to channels allowing guest
3.5LOW
CVE-2023-3593
>= 7.8.0 and < 7.8.7
Mattermost fails to properly validate markdown, allowing an attacker to crash the server via a specially crafted markdown input.
4.3MEDIUM
CVE-2023-3591
>= 7.8.0 and < 7.8.7
Mattermost fails to invalidate previously generated password reset tokens when a new reset token was created.
4.8MEDIUM
CVE-2023-3590
>= 7.10.0 and < 7.10.3
Mattermost fails to delete card attachments in Boards, allowing an attacker to access deleted attachments.
3.1LOW
CVE-2023-3587
>= 7.8.0 and < 7.8.7
Mattermost fails to properly show information in the UI, allowing a system admin to modify a board state allowing any user with a
2.7LOW
CVE-2023-3586
>= 7.8.0 and < 7.8.7
Mattermost fails to disable public Boards after the "Enable Publicly-Shared Boards" configuration option is disabled, resulting i
4.2MEDIUM
CVE-2023-3585
< 7.8.7
Mattermost Boards fail to properly validate a board link, allowing an attacker to crash a channel by posting a specially crafted
4.3MEDIUM
CVE-2023-3584
>= 7.8.0 and < 7.8.5
Mattermost fails to properly check the authorization of POST /api/v4/teams when passing a team override scheme ID in the request,
3.1LOW
CVE-2023-3582
>= 7.8.0 and < 7.8.7
Mattermost fails to verify channel membership when linking a board to a channel allowing a low-privileged authenticated user to li
4.3MEDIUM
CVE-2023-3581
>= 7.8.0 and < 7.8.7
Mattermost fails to properly validate the origin of a websocket connection allowing a MITM attacker on Mattermost to access the we
6.2MEDIUM
CVE-2023-3577
>= 7.8.0 and < 7.8.7
Mattermost fails to properly restrict requests to localhost/intranet during the interactive dialog, which could allow an attacker
3.5LOW
CVE-2023-2515
< 7.1.8
Mattermost fails to restrict a user with permissions to edit other users and to create personal access tokens from elevating their
4.7MEDIUM
CVE-2023-2281
< 7.9.0
When archiving a team, Mattermost fails to sanitize the related Websocket event sent to currently connected clients. This allows t
3.1LOW
CVE-2023-1831
< 7.7.3
Mattermost fails to redact from audit logs the user password during user creation and the user password hash in other operations
7.2HIGH
CVE-2023-1777
< 7.1.6
Mattermost allows an attacker to request a preview of an existing message when creating a new message via the createPost API call,
6.5MEDIUM
CVE-2023-1776
< 7.1.6
Boards in Mattermost allows an attacker to upload a malicious SVG image file as an attachment to a card and share it using a direc
7.3HIGH
CVE-2023-1775
< 7.1.6
When running in a High Availability configuration, Mattermost fails to sanitize some of the user_updated and post_deleted events b
4.3MEDIUM
CVE-2023-1774
< 7.1.6
When processing an email invite to a private channel on a team, Mattermost fails to validate the inviter's permission to that chan
4.2MEDIUM
CVE-2023-1421
>= 5.32.0 and < 7.7.0
A reflected cross-site scripting vulnerability in the OAuth flow completion endpoints in Mattermost allows an attacker to send AJA
3.5LOW
CVE-2023-27266
>= 5.12.0 and < 7.7.0
Mattermost fails to honor the ShowEmailAddress setting when constructing a response to the /api/v4/users/me/teams API endpoint, a
2.7LOW
CVE-2023-27265
>= 5.12.0 and < 7.7.0
Mattermost fails to honor the ShowEmailAddress setting when constructing a response to the "Regenerate Invite Id" API endpoint, al
2.7LOW
CVE-2022-3257
< 7.2.0
Mattermost version 7.1.x and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while draft
3.1LOW
CVE-2022-3147
< 7.1.0
Mattermost version 7.0.x and earlier fails to sufficiently limit the in-memory sizes of concurrently uploaded JPEG images, which a
3.1LOW
CVE-2022-2401
< 6.3.9
Unrestricted information disclosure of all users in Mattermost version 6.7.0 and earlier allows team members to access some sensit
6.5MEDIUM
CVE-2022-2366
< 6.3.9
Incorrect default configuration for trusted IP header in Mattermost version 6.7.0 and earlier allows attacker to bypass some of th
5.6MEDIUM
CVE-2022-1982
>= 5.0.0 and < 6.3.8
Uncontrolled resource consumption in Mattermost version 6.6.0 and earlier allows an authenticated attacker to crash the server via
4.3MEDIUM
CVE-2022-1385
< 6.5.0
Mattermost 6.4.x and earlier fails to properly invalidate pending email invitations when the action is performed from the system c
3.7LOW
CVE-2022-1384
< 6.5.0
Mattermost version 6.4.x and earlier fails to properly check the plugin version when a plugin is installed from the Marketplace, w
4.7MEDIUM
CVE-2022-1337
>= 5.37.0 and < 5.37.9
The image proxy component in Mattermost version 6.4.1 and earlier allocates memory for multiple copies of a proxied image, which a
4.3MEDIUM
CVE-2022-1332
>= 5.37.0 and < 5.37.9
One of the API in Mattermost version 6.4.1 and earlier fails to properly protect the permissions, which allows the authenticated m
4.3MEDIUM
CVE-2022-0904
>= 5.0.0 and < 5.37.8
A stack overflow bug in the document extractor in Mattermost Server in versions up to and including 6.3.2 allows an attacker to cr
4.3MEDIUM
CVE-2022-0903
< 5.37.8
A call stack overflow bug in the SAML login feature in Mattermost server in versions up to and including 6.3.2 allows an attacker
5.3MEDIUM
CVE-2021-37863
<= 6.0
Mattermost 6.0 and earlier fails to sufficiently validate parameters during post creation, which allows authenticated attackers to
3.5LOW
CVE-2021-37862
<= 6.0
Mattermost 6.0 and earlier fails to sufficiently validate the email address during registration, which allows attackers to trick u
3.7LOW
CVE-2017-18921
< 3.5.2
An issue was discovered in Mattermost Server before 3.6.0 and 3.5.2. XSS can occur via a link on an error page.
6.1MEDIUM
CVE-2017-18920
< 3.6.2
An issue was discovered in Mattermost Server before 3.6.2. The WebSocket feature does not follow the Same Origin Policy.
9.8CRITICAL
CVE-2017-18919
< 3.6.3
An issue was discovered in Mattermost Server before 3.7.0 and 3.6.3. Attackers can use the API for unauthenticated team creation.
5.3MEDIUM
CVE-2017-18918
>= 3.6.0 and < 3.6.5
An issue was discovered in Mattermost Server before 3.7.3 and 3.6.5. A System Administrator can place a SAML certificate at an arb
4.9MEDIUM
CVE-2017-18917
>= 3.6.0 and < 3.6.7
An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. Weak hashing was used for e-mail invitations, OAuth,
7.5HIGH
CVE-2017-18916
< 3.6.7
An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. API endpoint access control does not honor an integra
5.3MEDIUM
CVE-2017-18915
>= 3.6.0 and < 3.6.7
An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. After a restart of a server, an attacker might sudden
9.8CRITICAL
CVE-2017-18914
< 3.6.7
An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. An external link can occur on an error page even if i
5.3MEDIUM
CVE-2017-18913
< 3.6.7
An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. XSS can occur via a link on an error page.
6.1MEDIUM
CVE-2017-18908
< 3.9.2
An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. A password-reset request was sometimes sent to an att
9.8CRITICAL
CVE-2017-18907
< 3.9.2
An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. XSS could occur via a channel header.
6.1MEDIUM
CVE-2017-18906
< 3.9.2
An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2, when Single Sign-On OAuth2 is used. An attacker coul
8.1HIGH
CVE-2017-18905
< 3.9.2
An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2, when used as an OAuth 2.0 service provider, Session
5.3MEDIUM
CVE-2016-11084
< 2.1.0
An issue was discovered in Mattermost Server before 2.1.0. It allows XSS via CSRF.
6.1MEDIUM
CVE-2016-11083
< 2.2.0
An issue was discovered in Mattermost Server before 2.2.0. It allows XSS because it configures files to be opened in a browser win
6.1MEDIUM
CVE-2016-11082
< 2.2.0
An issue was discovered in Mattermost Server before 2.2.0. It allows XSS via a crafted link.
6.1MEDIUM
CVE-2016-11081
< 2.2.0
An issue was discovered in Mattermost Server before 2.2.0. It allows unintended access to information stored by a web browser.
4.3MEDIUM
CVE-2016-11080
< 3.0.0
An issue was discovered in Mattermost Server before 3.0.0. It offers superfluous APIs for a Team Administrator to view account det
4.3MEDIUM
CVE-2016-11079
< 3.0.0
An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a redirect URL.
6.1MEDIUM
CVE-2016-11078
< 3.0.0
An issue was discovered in Mattermost Server before 3.0.0. It potentially allows attackers to obtain sensitive information (creden
6.5MEDIUM
CVE-2016-11077
< 3.0.0
An issue was discovered in Mattermost Server before 3.0.0. It has a superfluous API in which the System Admin can change the accou
2.7LOW
CVE-2016-11076
< 3.0.0
An issue was discovered in Mattermost Server before 3.0.0. It does not ensure that a cookie is used over SSL.
5.3MEDIUM
CVE-2016-11075
< 3.0.0
An issue was discovered in Mattermost Server before 3.0.0. It allows attackers to obtain sensitive information about team URLs via
5.3MEDIUM
CVE-2016-11074
< 3.0.0
An issue was discovered in Mattermost Server before 3.0.0. A password-reset link could be reused.
9.8CRITICAL
CVE-2016-11073
< 3.0.0
An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a Legal or Support setting.
6.1MEDIUM
CVE-2016-11072
< 3.0.2
An issue was discovered in Mattermost Server before 3.0.2. The purposes of a session ID and a Session Token were mishandled.
6.5MEDIUM
CVE-2016-11071
< 3.1.0
An issue was discovered in Mattermost Server before 3.1.0. It allows XSS because the noreferrer and noopener protection mechanisms
6.1MEDIUM
CVE-2016-11070
< 3.1.0
An issue was discovered in Mattermost Server before 3.1.0. It allows XSS via theme color-code values.
5.4MEDIUM
CVE-2016-11069
< 3.2.0
An issue was discovered in Mattermost Server before 3.2.0. It mishandles brute-force attempts at password change.
7.5HIGH
CVE-2016-11068
< 3.2.0
An issue was discovered in Mattermost Server before 3.2.0. Attackers could read LDAP fields via injection.
5.3MEDIUM
CVE-2016-11067
< 3.2.0
An issue was discovered in Mattermost Server before 3.2.0. It allowed crafted posts that could cause a web browser to hang.
5.3MEDIUM
CVE-2016-11066
< 3.2.0
An issue was discovered in Mattermost Server before 3.2.0. The initial_load API disclosed unnecessary personal information.
7.5HIGH
CVE-2016-11065
< 3.3.0
An issue was discovered in Mattermost Server before 3.3.0. An attacker could use the WebSocket feature to send pop-up messages to
4.3MEDIUM
CVE-2016-11063
< 3.5.1
An issue was discovered in Mattermost Server before 3.5.1. XSS can occur via file preview.
6.1MEDIUM
CVE-2016-11062
< 3.5.1
An issue was discovered in Mattermost Server before 3.5.1. E-mail address verification can be bypassed.
5.3MEDIUM
CVE-2015-9548
< 1.2.0
An issue was discovered in Mattermost Server before 1.2.0. It allows attackers to cause a denial of service (memory consumption) v
7.5HIGH
CVE-2017-18912
< 3.6.7
An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. It allows an attacker to specify a full pathname of a
9.8CRITICAL
CVE-2017-18911
< 3.6.7
An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. The X.509 certificate validation can be skipped for a
9.1CRITICAL
CVE-2017-18910
< 3.6.7
An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. E-mail notifications can have spoofed links.
4.3MEDIUM
CVE-2017-18909
< 3.9.0
An issue was discovered in Mattermost Server before 3.9.0 when SAML is used. Encryption and signature verification are not mandato
7.5HIGH
CVE-2017-18904
< 3.9.2
An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. It allows XSS via an uploaded file.
6.1MEDIUM
CVE-2017-18903
< 3.9.2
An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. CSRF can occur if CORS is enabled.
8.8HIGH
CVE-2017-18902
< 3.10.3
An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows attackers to discover team invite IDs via
5.3MEDIUM
CVE-2017-18901
< 3.10.3
An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows attackers to discover a team invite ID by
5.3MEDIUM
CVE-2017-18900
< 3.10.3
An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows CSV injection via a compliance report.
9.8CRITICAL
CVE-2017-18899
< 4.0.5
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It mishandles IP-based rate limiting.
5.3MEDIUM
CVE-2017-18898
< 4.0.5
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It allows crafted posts that potentially cause a web
5.3MEDIUM
CVE-2017-18897
< 4.0.5
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider. It mishan
6.1MEDIUM
CVE-2017-18896
< 4.0.5
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It allows attackers to add DEBUG lines to the logs vi
5.3MEDIUM
CVE-2017-18895
< 4.0.5
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It allows attackers to obtain sensitive information (
5.3MEDIUM
CVE-2017-18894
< 4.0.5
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider. Sometimes
8.1HIGH
CVE-2017-18893
< 4.0.5
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. Display names allow XSS.
6.1MEDIUM
CVE-2017-18892
< 4.0.5
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. E-mail templates can have a field in which HTML conte
6.1MEDIUM
CVE-2017-18891
< 4.0.5
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It allows Phishing because an error page can have a l
6.1MEDIUM
CVE-2017-18890
< 4.1.2
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows an attacker to create a button that, when p
4.3MEDIUM
CVE-2017-18889
< 4.1.2
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. An attacker could create fictive system-message posts
4.3MEDIUM
CVE-2017-18888
< 4.1.2
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows SQL injection during the fetching of multip
9.8CRITICAL
CVE-2017-18887
< 4.1.2
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It discloses the team creator's e-mail address to mem
5.3MEDIUM
CVE-2017-18886
< 4.1.2
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows a bypass of restrictions on use of slash co
8.8HIGH
CVE-2017-18885
< 4.1.2
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to gain privileges by accessing u
9.8CRITICAL
CVE-2017-18884
< 4.1.2
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to gain privileges by using a reg
8.1HIGH
CVE-2017-18883
< 4.1.2
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2, when serving as an OAuth 2.0 Service Provider. There
9.1CRITICAL
CVE-2017-18882
< 4.1.2
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS can occur via OpenGraph data.
6.1MEDIUM
CVE-2017-18881
< 4.1.2
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS could occur via a goto_location response to a sla
6.1MEDIUM
CVE-2017-18880
< 4.1.2
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS could occur via the title_link field of a Slack a
6.1MEDIUM
CVE-2017-18879
< 4.1.2
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS could occur via the author_link field of a Slack
6.1MEDIUM
CVE-2017-18878
< 4.1.2
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. Knowledge of a session ID allows revoking another use
4.3MEDIUM
CVE-2017-18874
< 4.1.2
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2 when local storage for files is used. A System Admin c
6.5MEDIUM
CVE-2018-21264
< 4.5.2
An issue was discovered in Mattermost Server before 4.7.0, 4.6.2, and 4.5.2. It did not enforce the expiration date of a SAML resp
8.8HIGH
CVE-2018-21256
< 5.1.0
An issue was discovered in Mattermost Server before 5.1. It allows attackers to bypass intended access restrictions (for group-mes
4.3MEDIUM
CVE-2018-21252
< 4.10.3
An issue was discovered in Mattermost Server before 5.2, 5.1.1, 5.0.3, and 4.10.3. Attackers could use multiple e-mail addresses t
4.3MEDIUM
CVE-2017-18873
< 4.1.2
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to cause a denial of service (cha
5.3MEDIUM
CVE-2017-18872
< 4.3.3
An issue was discovered in Mattermost Server before 4.4.3 and 4.3.3. Attackers could reconfigure an OAuth app in some cases where
4.3MEDIUM
CVE-2019-20890
< 5.7.0
An issue was discovered in Mattermost Server before 5.7. It allows a bypass of e-mail address discovery restrictions.
4.3MEDIUM
CVE-2019-20889
>= 4.10.0 and < 4.10.5
An issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, and 4.10.5. It mishandles permissions for user-access token
5.3MEDIUM
CVE-2019-20888
< 4.10.5
An issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, and 4.10.5. It allows attackers to cause a denial of servic
7.5HIGH
CVE-2019-20887
< 4.10.6
An issue was discovered in Mattermost Server before 5.7.1, 5.6.4, 5.5.3, and 4.10.6. It does not honor flags API permissions when
4.3MEDIUM
CVE-2019-20886
< 5.8.0
An issue was discovered in Mattermost Server before 5.8.0. The first user is sometimes inadvertently a system admin.
7.5HIGH
CVE-2019-20885
< 5.8.0
An issue was discovered in Mattermost Server before 5.8.0. It does not always generate a robots.txt file.
7.5HIGH
CVE-2019-20884
< 5.8.0
An issue was discovered in Mattermost Server before 5.8.0. It allows attackers to partially attach a file to more than one post.
5.3MEDIUM
CVE-2019-20883
< 5.8.0
An issue was discovered in Mattermost Server before 5.8.0, when Town Square is set to Read-Only. Users can pin or unpin a post.
4.3MEDIUM
CVE-2019-20882
< 5.8.0
An issue was discovered in Mattermost Server before 5.8.0. It does not honor the domain requirement when processing a join request
5.3MEDIUM
CVE-2019-20881
< 5.8.0
An issue was discovered in Mattermost Server before 5.8.0. It mishandles brute-force attacks against MFA.
7.3HIGH
CVE-2019-20880
< 4.10.7
An issue was discovered in Mattermost Server before 5.8.0, 5.7.2, 5.6.5, and 4.10.7. It allows attackers to cause a denial of serv
7.5HIGH
CVE-2019-20879
< 4.10.7
An issue was discovered in Mattermost Server before 5.8.0, 5.7.2, 5.6.5, and 4.10.7. Changes to e-mail addresses do not require cr
4.3MEDIUM
CVE-2019-20878
< 4.10.8
An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. Changes, within the application, to e-mail ad
4.3MEDIUM
CVE-2019-20877
< 4.10.8
An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows attackers to obtain sensitive infor
5.3MEDIUM
CVE-2019-20876
< 4.10.8
An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. Users can deactivate themselves, bypassing a
5.4MEDIUM
CVE-2019-20875
< 4.10.8
An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows a password reset to proceed while a
5.3MEDIUM
CVE-2018-21263
< 4.5.2
An issue was discovered in Mattermost Server before 4.7.0, 4.6.2, and 4.5.2. An attacker could authenticate to a different user's
8.8HIGH
CVE-2018-21262
< 4.7.3
An issue was discovered in Mattermost Server before 4.7.3. It allows attackers to cause a denial of service (application crash) vi
7.5HIGH
CVE-2018-21261
>= 4.6.0 and < 4.6.3
An issue was discovered in Mattermost Server before 4.8.1, 4.7.4, and 4.6.3. An e-mail invite accidentally included the team invit
4.3MEDIUM
CVE-2018-21260
>= 4.6.0 and < 4.6.3
An issue was discovered in Mattermost Server before 4.8.1, 4.7.4, and 4.6.3. WebSocket events were accidentally sent during certai
2.7LOW
CVE-2018-21259
< 4.8.2
An issue was discovered in Mattermost Server before 4.10.1, 4.9.4, and 4.8.2. It allows attackers to cause a denial of service (ap
5.3MEDIUM
CVE-2018-21258
< 5.1.0
An issue was discovered in Mattermost Server before 5.1. It allows attackers to cause a denial of service via the invite_people sl
7.5HIGH
CVE-2018-21257
< 5.1.0
An issue was discovered in Mattermost Server before 5.1. It allows attackers to bypass intended access restrictions (for setting a
5.3MEDIUM
CVE-2018-21255
< 5.1.0
An issue was discovered in Mattermost Server before 5.1. Non-members of a channel could use the Channel PATCH API to modify that c
4.3MEDIUM
CVE-2018-21254
< 5.1.0
An issue was discovered in Mattermost Server before 5.1. An attacker can bypass intended access control (for direct-message channe
4.3MEDIUM
CVE-2018-21253
< 4.10.2
An issue was discovered in Mattermost Server before 5.1, 5.0.2, and 4.10.2. An attacker could use the invite_people slash command
4.3MEDIUM
CVE-2018-21251
< 5.1.1
An issue was discovered in Mattermost Server before 5.2 and 5.1.1. Authorization could be bypassed if the channel name were not th
9.8CRITICAL
CVE-2018-21250
< 4.10.4
An issue was discovered in Mattermost Server before 5.2.2, 5.1.2, and 4.10.4. It allows remote attackers to cause a denial of serv
6.5MEDIUM
CVE-2018-21249
< 5.3.0
An issue was discovered in Mattermost Server before 5.3.0. It mishandles timing.
3.7LOW
CVE-2018-21248
< 5.4.0
An issue was discovered in Mattermost Server before 5.4.0. It mishandles possession of superfluous authentication credentials.
7.5HIGH
CVE-2017-18877
>= 4.1.0 and < 4.1.2
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS attacks could occur against an OAuth 2.0 allow/de
6.1MEDIUM
CVE-2017-18876
< 4.1.2
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2 when local storage for files is used. A System Admin c
4.9MEDIUM
CVE-2017-18875
< 4.1.2
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2 when local storage for files is used. A System Admin c
4.9MEDIUM
CVE-2017-18871
< 4.2.2
An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, 4.3.4, and 4.2.2. It allows attackers to cause a denial of servi
7.5HIGH
CVE-2017-18870
< 4.3.4
An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, and 4.3.4. It mishandled webhook access control in the EnableOnl
4.3MEDIUM
CVE-2019-20874
< 4.10.8
An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows attackers to obtain sensitive infor
7.5HIGH
CVE-2019-20873
< 4.10.8
An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows attackers to obtain sensitive infor
6.5MEDIUM
CVE-2019-20872
< 4.10.8
An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. SSRF can attack local services.
5.5MEDIUM
CVE-2019-20871
< 4.10.8
An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. The Markdown library allows catastrophic back
7.5HIGH
CVE-2019-20870
< 5.10.0
An issue was discovered in Mattermost Server before 5.10.0. An attacker can bypass the intended appearance of the Edited flag afte
4.3MEDIUM
CVE-2019-20869
< 4.10.9
An issue was discovered in Mattermost Server before 5.10.0, 5.9.1, 5.8.2, and 4.10.9. A non-member could change the Update/Patch C
5.3MEDIUM
CVE-2019-20868
< 4.10.8
An issue was discovered in Mattermost Server before 5.11.0. Invite IDs were improperly generated.
7.5 HIGH
CVE-2019-20867
< 5.11.0
An issue was discovered in Mattermost Server before 5.11.0. An attacker can interfere with a channel's post loading via one crafte
5.3 MEDIUM
CVE-2019-20866
< 5.12.0
An issue was discovered in Mattermost Server before 5.12.0. Use of a Proxy HTTP header, rather than the source address in an IP pa
5.3 MEDIUM
CVE-2019-20865
< 4.10.10
An issue was discovered in Mattermost Server before 5.12.0, 5.11.1, 5.10.2, 5.9.2, and 4.10.10. The login page allows CSRF.
8.8 HIGH
CVE-2019-20863
< 5.13.0
An issue was discovered in Mattermost Server before 5.13.0. Incoming webhook creation is not properly restricted.
7.5 HIGH
CVE-2019-20862
< 5.13.0
An issue was discovered in Mattermost Server before 5.13.0. Non-members may fetch a team's slash commands.
7.5 HIGH
CVE-2019-20860
< 5.9.4
An issue was discovered in Mattermost Server before 5.14.0, 5.13.3, 5.12.6, and 5.9.4. It allows remote attackers to cause a denia
5.5 MEDIUM
CVE-2019-20859
< 4.10.8
An issue was discovered in Mattermost Server before 5.15.0. Login access control can be bypassed via crafted input.
7.5 HIGH
CVE-2019-20858
< 5.15.0
An issue was discovered in Mattermost Server before 5.15.0. It allows attackers to cause a denial of service (CPU consumption) via
7.5 HIGH
CVE-2019-20857
< 5.16.0
An issue was discovered in Mattermost Server before 5.16.0. It allows attackers to cause a denial of service (markdown renderer ha
7.5 HIGH
CVE-2019-20855
< 5.9.6
An issue was discovered in Mattermost Server before 5.16.1, 5.15.2, 5.14.5, and 5.9.6. It allows attackers to obtain sensitive inf
7.5 HIGH
CVE-2019-20854
< 5.17.0
An issue was discovered in Mattermost Server before 5.17.0. It allows remote attackers to cause a denial of service (client-side a
7.5 HIGH
CVE-2020-14460
< 5.9.8
An issue was discovered in Mattermost Server before 5.19.0, 5.18.1, 5.17.3, 5.16.5, and 5.9.8. Creation of a trusted OAuth applica
6.5 MEDIUM
CVE-2020-14459
< 5.19.0
An issue was discovered in Mattermost Server before 5.19.0. Attackers can rename a channel and cause a collision with a direct mes
7.5 HIGH
CVE-2020-14458
< 5.19.0
An issue was discovered in Mattermost Server before 5.19.0. Attackers can discover private channels via the "get channel by name"
7.5 HIGH
CVE-2020-14457
< 5.20.0
An issue was discovered in Mattermost Server before 5.20.0. Non-members can receive broadcasted team details via the update_team W
5.3 MEDIUM
CVE-2020-14453
< 5.21.0
An issue was discovered in Mattermost Server before 5.21.0. Socket read operations are not appropriately restricted, which allows
7.5 HIGH
CVE-2020-14452
< 5.21.0
An issue was discovered in Mattermost Server before 5.21.0. mmctl allows directory traversal via HTTP, aka MMSA-2020-0014.
5.3 MEDIUM
CVE-2020-14450
< 5.22.0
An issue was discovered in Mattermost Server before 5.22.0. The markdown renderer allows attackers to cause a denial of service (c
7.5 HIGH
CVE-2020-14448
< 5.23.0
An issue was discovered in Mattermost Server before 5.23.0. Automatic direct message replies allow attackers to cause a denial of
7.5 HIGH
CVE-2020-14447
< 5.23.0
An issue was discovered in Mattermost Server before 5.23.0. Large webhook requests allow attackers to cause a denial of service (i
7.5 HIGH
CVE-2019-20847
< 5.18.0
An issue was discovered in Mattermost Server before 5.18.0. An attacker can send a user_typing WebSocket event to any channel.
5.3 MEDIUM
CVE-2019-20846
< 5.18.0
An issue was discovered in Mattermost Server before 5.18.0. It has weak permissions for server-local file storage.
7.5 HIGH
CVE-2019-20845
< 5.18.0
An issue was discovered in Mattermost Server before 5.18.0. It allows attackers to cause a denial of service (memory consumption)
7.5 HIGH
CVE-2019-20844
< 5.9.7
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. An attacker can spoof a direct-mess
6.5 MEDIUM
CVE-2019-20843
< 5.9.7
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There are weak permissions for conf
7.5 HIGH
CVE-2019-20842
< 5.9.7
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There is SQL injection by admins vi
7.2 HIGH
CVE-2019-20841
< 5.9.7
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. CSRF can sometimes occur via a craf
8.8 HIGH
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin