Mattermost: >> Mattermost Server >> 5.18.0 Security Vulnerabilities
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There is SQL injection by admins via SearchAllChannels.
CVSS Score
7.2
EPSS Score
0.004
Published
2020-06-19
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There are weak permissions for configuration files.
CVSS Score
7.5
EPSS Score
0.002
Published
2020-06-19
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. An attacker can spoof a direct-message channel by changing the type of a channel.
CVSS Score
6.5
EPSS Score
0.001
Published
2020-06-19
Page 7