CVE-2016-11078

An issue was discovered in Mattermost Server before 3.0.0. It potentially allows attackers to obtain sensitive information (credential fields within config.json) via the System Console UI.

View Full Alert

Related Posts

  • CVE-2016-1000229

    swagger-ui has XSS in key names View Full Alert

  • CVE-2016-1000022

    negotiator before 0.6.1 is vulnerable to a regular expression DoS View Full Alert

  • CVE-2016-10761

    Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack. View Full Alert