Vulnerabilidades em Mattermost
434 resultadosCVE-2024-39810MEDIUMServer crash via Elasticsearch certificate fileEPSS 0.5%CVE-2024-32046MEDIUMDetailed error discloses full file path with dev mode offEPSS 0.5%CVE-2023-1776HIGHStored XSS via SVG attachment on BoardsEPSS 0.4%CVE-2024-2446MEDIUMMattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.4.3 fail to limit the number of @-mentioEPSS 0.4%CVE-2023-3585MEDIUMchannel DoS by sharing a boards linkEPSS 0.4%CVE-2023-6202MEDIUMInsecure Direct Object Reference in /plugins/focalboard/ api/v2/users of Mattermost BoardsEPSS 0.4%CVE-2024-47401MEDIUMDoS via Amplified GraphQL Response in PlaybooksEPSS 0.4%CVE-2025-20621MEDIUMWebapp crash via object that can't be cast to String in Attachment FieldEPSS 0.4%CVE-2023-4478MEDIUMParameter tampering in the registration resulting in blocked accounts to be createdEPSS 0.4%CVE-2023-2783MEDIUMApp Framework does not checks for the secret provided in the incoming webhook requestEPSS 0.4%CVE-2023-46701MEDIUMInaccessible Post Information Leak via Run Timeline IDOREPSS 0.4%CVE-2024-43105MEDIUMExcessive Resource Consumption via `/export`EPSS 0.4%CVE-2023-3587LOWInconsistent state in UI after boards permission change by system adminEPSS 0.4%CVE-2026-3112MEDIUMArbitrary File Read via Advanced Logging Support PacketEPSS 0.4%CVE-2023-4107MEDIUMIncorrect authorization allows a user manager to update a system adminEPSS 0.4%CVE-2023-1831HIGHUser password logged in audit logsEPSS 0.4%CVE-2023-5195MEDIUMA team member can soft delete other teams that they are not part ofEPSS 0.4%CVE-2023-47865MEDIUMUsername and Icon override can be used by members when Hardened Mode is enabledEPSS 0.4%CVE-2024-54682MEDIUMZipbomb DoS via Missing Slack Import ValidationEPSS 0.4%CVE-2025-20086MEDIUMInsufficient Input Validation on Post PropsEPSS 0.4%