Shodan
Vulnerabilities
Vulnerable Software
Mattermost:  >> Mattermost Desktop  >> 1.3.0  Security Vulnerabilities
CVE-2023-5920
Mattermost Desktop for MacOS fails to utilize the secure keyboard input functionality provided by macOS, allowing for other processes to read the keyboard input.
CVSS Score
2.9
EPSS Score
0.001
Published
2023-11-02
CVE-2023-5339
Mattermost Desktop fails to set an appropriate log level during initial run after fresh installation resulting in logging all keystrokes including password entry being logged. 
CVSS Score
4.7
EPSS Score
0.001
Published
2023-10-17
CVE-2023-2000
Mattermost Desktop App fails to validate a mattermost server redirection and navigates to an arbitrary website
CVSS Score
5.4
EPSS Score
0.002
Published
2023-05-02
CVE-2016-11064
An issue was discovered in Mattermost Desktop App before 3.4.0. Strings could be executed as code via injection.
CVSS Score
9.8
EPSS Score
0.006
Published
2020-06-19
CVE-2018-21265
An issue was discovered in Mattermost Desktop App before 4.0.0. It mishandled the Same Origin Policy for setPermissionRequestHandler (e.g., video, audio, and notifications).
CVSS Score
5.3
EPSS Score
0.002
Published
2020-06-19
CVE-2019-20856
An issue was discovered in Mattermost Desktop App before 4.3.0 on macOS. It allows dylib injection.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-06-19
CVE-2019-20861
An issue was discovered in Mattermost Desktop App before 4.2.2. It allows attackers to execute arbitrary code via a crafted link.
CVSS Score
8.8
EPSS Score
0.007
Published
2020-06-19
CVE-2020-14454
An issue was discovered in Mattermost Desktop App before 4.4.0. Attackers can open web pages in the desktop application because server redirection is mishandled, aka MMSA-2020-0008.
CVSS Score
6.1
EPSS Score
0.002
Published
2020-06-19
CVE-2020-14455
An issue was discovered in Mattermost Desktop App before 4.4.0. Prompting for HTTP Basic Authentication is mishandled, allowing phishing, aka MMSA-2020-0007.
CVSS Score
6.5
EPSS Score
0.003
Published
2020-06-19
CVE-2020-14456
An issue was discovered in Mattermost Desktop App before 4.4.0. The Same Origin Policy is mishandled during access-control decisions for web APIs, aka MMSA-2020-0006.
CVSS Score
7.3
EPSS Score
0.001
Published
2020-06-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved