Shodan
Vulnerabilities
Vulnerable Software
Mattermost:  >> Mattermost Desktop  Security Vulnerabilities
CVE-2023-5875
Mattermost Desktop fails to correctly handle permissions or prompt the user for consent on certain sensitive ones allowing media exploitation from a malicious mattermost server
CVSS Score
3.7
EPSS Score
0.002
Published
2023-11-02
CVE-2023-5876
Mattermost fails to properly validate a RegExp built off the server URL path, allowing an attacker in control of an enrolled server to mount a Denial Of Service.
CVSS Score
3.1
EPSS Score
0.001
Published
2023-11-02
CVE-2023-5920
Mattermost Desktop for MacOS fails to utilize the secure keyboard input functionality provided by macOS, allowing for other processes to read the keyboard input.
CVSS Score
2.9
EPSS Score
0.001
Published
2023-11-02
CVE-2023-5339
Mattermost Desktop fails to set an appropriate log level during initial run after fresh installation resulting in logging all keystrokes including password entry being logged. 
CVSS Score
4.7
EPSS Score
0.001
Published
2023-10-17
CVE-2023-2000
Mattermost Desktop App fails to validate a mattermost server redirection and navigates to an arbitrary website
CVSS Score
5.4
EPSS Score
0.002
Published
2023-05-02
CVE-2016-11064
An issue was discovered in Mattermost Desktop App before 3.4.0. Strings could be executed as code via injection.
CVSS Score
9.8
EPSS Score
0.006
Published
2020-06-19
CVE-2018-21265
An issue was discovered in Mattermost Desktop App before 4.0.0. It mishandled the Same Origin Policy for setPermissionRequestHandler (e.g., video, audio, and notifications).
CVSS Score
5.3
EPSS Score
0.002
Published
2020-06-19
CVE-2019-20856
An issue was discovered in Mattermost Desktop App before 4.3.0 on macOS. It allows dylib injection.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-06-19
CVE-2019-20861
An issue was discovered in Mattermost Desktop App before 4.2.2. It allows attackers to execute arbitrary code via a crafted link.
CVSS Score
8.8
EPSS Score
0.007
Published
2020-06-19
CVE-2020-14454
An issue was discovered in Mattermost Desktop App before 4.4.0. Attackers can open web pages in the desktop application because server redirection is mishandled, aka MMSA-2020-0008.
CVSS Score
6.1
EPSS Score
0.002
Published
2020-06-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved