Mattermost: >> Mattermost Desktop Security Vulnerabilities
An issue was discovered in Mattermost Desktop App before 3.4.0. Strings could be executed as code via injection.
CVSS Score
9.8
EPSS Score
0.006
Published
2020-06-19
An issue was discovered in Mattermost Desktop App before 4.0.0. It mishandled the Same Origin Policy for setPermissionRequestHandler (e.g., video, audio, and notifications).
CVSS Score
5.3
EPSS Score
0.002
Published
2020-06-19
An issue was discovered in Mattermost Desktop App before 4.3.0 on macOS. It allows dylib injection.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-06-19
An issue was discovered in Mattermost Desktop App before 4.2.2. It allows attackers to execute arbitrary code via a crafted link.
CVSS Score
8.8
EPSS Score
0.007
Published
2020-06-19
An issue was discovered in Mattermost Desktop App before 4.4.0. Attackers can open web pages in the desktop application because server redirection is mishandled, aka MMSA-2020-0008.
CVSS Score
6.1
EPSS Score
0.002
Published
2020-06-19
An issue was discovered in Mattermost Desktop App before 4.4.0. Prompting for HTTP Basic Authentication is mishandled, allowing phishing, aka MMSA-2020-0007.
CVSS Score
6.5
EPSS Score
0.003
Published
2020-06-19
An issue was discovered in Mattermost Desktop App before 4.4.0. The Same Origin Policy is mishandled during access-control decisions for web APIs, aka MMSA-2020-0006.
CVSS Score
7.3
EPSS Score
0.001
Published
2020-06-19
Page 2