Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2020
CVE-2019-20861
An issue was discovered in Mattermost Desktop App before 4.2.2. It allows attackers to execute arbitrary code via a crafted link.
CVSS Score
8.8
EPSS Score
0.007
Published
2020-06-19
CVE-2019-20862
An issue was discovered in Mattermost Server before 5.13.0. Non-members may fetch a team's slash commands.
CVSS Score
7.5
EPSS Score
0.002
Published
2020-06-19
CVE-2019-20863
An issue was discovered in Mattermost Server before 5.13.0. Incoming webhook creation is not properly restricted.
CVSS Score
7.5
EPSS Score
0.002
Published
2020-06-19
CVE-2019-20864
An issue was discovered in Mattermost Plugins before 5.13.0. The GitHub plugin allows an attacker to attach his Mattermost account to a different person's GitHub account.
CVSS Score
7.5
EPSS Score
0.002
Published
2020-06-19
CVE-2020-14460
An issue was discovered in Mattermost Server before 5.19.0, 5.18.1, 5.17.3, 5.16.5, and 5.9.8. Creation of a trusted OAuth application does not always require admin privileges, aka MMSA-2020-0001.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-06-19
CVE-2020-14447
An issue was discovered in Mattermost Server before 5.23.0. Large webhook requests allow attackers to cause a denial of service (infinite loop), aka MMSA-2020-0021.
CVSS Score
7.5
EPSS Score
0.004
Published
2020-06-19
CVE-2020-14448
An issue was discovered in Mattermost Server before 5.23.0. Automatic direct message replies allow attackers to cause a denial of service (infinite loop), aka MMSA-2020-0020.
CVSS Score
7.5
EPSS Score
0.004
Published
2020-06-19
CVE-2020-14449
An issue was discovered in Mattermost Mobile Apps before 1.30.0. Authorization tokens can sometimes be disclosed to third-party servers, aka MMSA-2020-0018.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-06-19
CVE-2020-14450
An issue was discovered in Mattermost Server before 5.22.0. The markdown renderer allows attackers to cause a denial of service (client-side), aka MMSA-2020-0017.
CVSS Score
7.5
EPSS Score
0.004
Published
2020-06-19
CVE-2020-14451
An issue was discovered in Mattermost Mobile Apps before 1.29.0. The iOS app allowed Single Sign-On cookies and Local Storage to remain after a logout, aka MMSA-2020-0013.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-06-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved