Mattermost: >> Mattermost Desktop >> 4.3.1 Security Vulnerabilities
Mattermost Desktop for MacOS fails to utilize the secure keyboard input functionality provided by macOS, allowing for other processes to read the keyboard input.
CVSS Score
2.9
EPSS Score
0.001
Published
2023-11-02
Mattermost Desktop fails to set an appropriate log level during initial run after fresh installation resulting in logging all keystrokes including password entry being logged.
CVSS Score
4.7
EPSS Score
0.001
Published
2023-10-17
Mattermost Desktop App fails to validate a mattermost server redirection and navigates to an arbitrary website
CVSS Score
5.4
EPSS Score
0.002
Published
2023-05-02
An issue was discovered in Mattermost Desktop App before 4.4.0. Attackers can open web pages in the desktop application because server redirection is mishandled, aka MMSA-2020-0008.
CVSS Score
6.1
EPSS Score
0.002
Published
2020-06-19
An issue was discovered in Mattermost Desktop App before 4.4.0. Prompting for HTTP Basic Authentication is mishandled, allowing phishing, aka MMSA-2020-0007.
CVSS Score
6.5
EPSS Score
0.003
Published
2020-06-19
An issue was discovered in Mattermost Desktop App before 4.4.0. The Same Origin Policy is mishandled during access-control decisions for web APIs, aka MMSA-2020-0006.
CVSS Score
7.3
EPSS Score
0.001
Published
2020-06-19
Page 2