CVE-2018-21257 (mattermost_server)

An issue was discovered in Mattermost Server before 5.1. It allows attackers to bypass intended access restrictions (for setting a channel header) via the Channel header slash command API.

View Full Alert

CVE-2018-21255 (mattermost_server)
An issue was discovered in Mattermost Server before 5.1. Non-members of a channel could use the Channel PATCH API to modify that channel. View Full Alert
CVE-2018-21254 (mattermost_server)
An issue was discovered in Mattermost Server before 5.1. An attacker can bypass intended access control (for direct-message channel creation) via the Message slash command. View Full Alert
CVE-2018-21256 (mattermost_server)
An issue was discovered in Mattermost Server before 5.1. It allows attackers to bypass intended access restrictions (for group-message channel creation) via the Group message slash command. View Full Alert

410-897-9494
Receive RedZone Security Updates in Your InboxContact Us

CVE-2018-21257 (mattermost_server)

Leave a Reply Cancel reply

Related Posts

Leave a Reply Cancel reply