Shodan
Vulnerabilities
Vulnerable Software
Mattermost:  >> Mattermost Server  >> 5.6.3  Security Vulnerabilities
CVE-2021-37862
Mattermost 6.0 and earlier fails to sufficiently validate the email address during registration, which allows attackers to trick users into signing up using attacker-controlled email addresses via crafted invitation token.
CVSS Score
3.7
EPSS Score
0.002
Published
2021-12-17
CVE-2021-37863
Mattermost 6.0 and earlier fails to sufficiently validate parameters during post creation, which allows authenticated attackers to cause a client-side crash of the web application via a maliciously crafted post.
CVSS Score
3.5
EPSS Score
0.006
Published
2021-12-17
CVE-2019-20890
An issue was discovered in Mattermost Server before 5.7. It allows a bypass of e-mail address discovery restrictions.
CVSS Score
4.3
EPSS Score
0.002
Published
2020-06-19
CVE-2019-20879
An issue was discovered in Mattermost Server before 5.8.0, 5.7.2, 5.6.5, and 4.10.7. Changes to e-mail addresses do not require credential re-entry.
CVSS Score
4.3
EPSS Score
0.002
Published
2020-06-19
CVE-2019-20880
An issue was discovered in Mattermost Server before 5.8.0, 5.7.2, 5.6.5, and 4.10.7. It allows attackers to cause a denial of service (memory consumption) via OpenGraph.
CVSS Score
7.5
EPSS Score
0.004
Published
2020-06-19
CVE-2019-20881
An issue was discovered in Mattermost Server before 5.8.0. It mishandles brute-force attacks against MFA.
CVSS Score
7.3
EPSS Score
0.003
Published
2020-06-19
CVE-2019-20882
An issue was discovered in Mattermost Server before 5.8.0. It does not honor the domain requirement when processing a join request for an open team.
CVSS Score
5.3
EPSS Score
0.002
Published
2020-06-19
CVE-2019-20883
An issue was discovered in Mattermost Server before 5.8.0, when Town Square is set to Read-Only. Users can pin or unpin a post.
CVSS Score
4.3
EPSS Score
0.002
Published
2020-06-19
CVE-2019-20884
An issue was discovered in Mattermost Server before 5.8.0. It allows attackers to partially attach a file to more than one post.
CVSS Score
5.3
EPSS Score
0.002
Published
2020-06-19
CVE-2019-20885
An issue was discovered in Mattermost Server before 5.8.0. It does not always generate a robots.txt file.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-06-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved