Mattermost Security Vulnerabilities (CVEs)

The Mattermost Desktop App vulnerability allows malicious Mattermost servers to expose preload script functionality to untrusted external sites when u...

This vulnerability allows authenticated Mattermost users to discover the existence of teams and their URL names by posting channel shortlinks and obse...

This vulnerability allows authenticated Mattermost users to exfiltrate sensitive data including password hashes and MFA secrets through WebSocket mess...

This vulnerability allows authenticated users to bypass SSO-only login requirements in Mattermost by using userID-based authentication. It affects Mat...

This vulnerability allows any authenticated Mattermost user to modify Zoom meeting restrictions for any channel via API requests. Affected systems inc...

This vulnerability allows authenticated Mattermost users with Jira plugin access to bypass channel permissions and read posts/attachments from channel...

This vulnerability allows deactivated Mattermost users to learn team names they shouldn't have access to through a race condition in the API. It affec...

This cross-site scripting (XSS) vulnerability in Mattermost's Confluence plugin allows authenticated Confluence users with malicious display names to ...

This vulnerability allows authenticated Mattermost users to trigger infinite component re-render loops when API errors occur, causing application-leve...

Mattermost versions 10.11.0 through 10.11.8 have a CPU exhaustion vulnerability where authenticated users can send posts with thousands of space-separ...

This vulnerability allows malicious Mattermost users to create posts with fake Jira plugin actions that exfiltrate Jira tickets when other users inter...

This vulnerability allows authenticated Mattermost users with Jira plugin access to read posts and attachments from channels they shouldn't have acces...

This vulnerability allows unauthenticated attackers to bypass authentication in Mattermost's Jira plugin and make authenticated requests to Jira serve...

This vulnerability allows attackers who obtain remote cluster invite tokens to authenticate as remote clusters and perform limited actions on shared c...

Mattermost Desktop App versions before 6.0.0 for macOS fail to enable Hardened Runtime when packaged for the Mac App Store, allowing attackers to bypa...

This vulnerability allows attackers to crash the Calls plugin in Mattermost by sending malformed WebSocket requests with improper UTF-8 formatting. Af...

Mattermost Desktop App versions before 6.0.0 fail to properly clear sensitive information from logs and data when servers are deleted. This allows att...

This CSRF vulnerability in Mattermost allows authenticated attackers to initiate calls and inject messages into channels or direct messages via malici...

Mattermost versions 10.11.4 and earlier contain an open redirect vulnerability on the /error page. An attacker can craft a malicious link that redirec...

This vulnerability allows attackers to hijack Mattermost's GitHub reaction feature by exploiting improper plugin bot identity validation. Attackers ca...

This vulnerability in Mattermost allows authenticated users to access files and subscribe to blocks in Boards they shouldn't have permission to view. ...

This vulnerability allows authenticated users with editor permissions in Mattermost Boards to delete comments created by other users, bypassing intend...

This vulnerability allows any authenticated Mattermost user to view team email addresses that should only be visible to Team Admins. The information d...

This vulnerability allows system administrators to access password hashes and MFA secrets through an API endpoint that fails to properly sanitize user...

Mattermost versions before 11.0 fail to properly enforce the 'Allow users to view archived channels' setting, allowing regular users to access archive...

Mattermost versions before 11 fail to enforce multi-factor authentication on WebSocket connections, allowing unauthenticated users to bypass MFA and a...

This vulnerability allows attackers to edit arbitrary posts in Mattermost by exploiting an improper validation flaw in the MSTeams plugin OAuth flow. ...

Mattermost versions before 11 have an authorization bypass vulnerability where guest users can discover archived public channels through a specific AP...

This vulnerability in Mattermost Desktop App allows attackers to create a denial-of-service condition by tricking users into configuring a malicious s...

This vulnerability allows attackers to join any Mattermost team without proper authorization by manipulating RelayState parameters. Attackers can bypa...

This vulnerability allows attackers to create verified user accounts with arbitrary email domains during Slack imports in Mattermost. Attackers can by...

This vulnerability allows guest users in Mattermost to discover active public channels and their metadata through an API endpoint, bypassing intended ...

This vulnerability allows admin users in Mattermost to execute arbitrary code by uploading malicious plugins to the prepackaged plugins directory. The...

Mattermost SAML authentication redirect vulnerability allows attackers to steal user session cookies via malicious links. When users authenticate thro...

Mattermost versions 10.10.x through 10.10.1 fail to properly sanitize user data during shared channel synchronization, allowing malicious remote clust...

This vulnerability allows authenticated Mattermost users to access unauthorized posts and manipulate link previews through hash collision attacks on F...

This vulnerability allows system administrators to crash Mattermost servers by importing malformed data through the bulk import feature. It affects Ma...

This vulnerability allows authenticated users with file upload permissions to overwrite file attachment thumbnails via path traversal in Mattermost's ...

This vulnerability allows team administrators without member invite privileges to obtain a team's invite ID through the team restore API endpoint. Aff...

This vulnerability allows system administrators in Mattermost to upload non-attachment file types via shared channels, potentially placing files in ar...

This vulnerability allows system administrators in Mattermost to perform path traversal attacks by manipulating template file destination paths. Attac...

This vulnerability allows restricted admin users in Mattermost to install unauthorized custom plugins via path traversal during plugin imports. It byp...

The Mattermost Confluence Plugin before version 1.5.0 contains an improper input validation vulnerability that allows attackers to crash the plugin by...

The Mattermost Confluence Plugin before version 1.5.0 has an authentication bypass vulnerability that allows unauthenticated attackers to edit channel...

The Mattermost Confluence Plugin before version 1.5.0 contains an improper input validation vulnerability that allows attackers to crash the plugin by...

The Mattermost Confluence Plugin vulnerability allows attackers to create unauthorized channel subscriptions via API calls. This affects organizations...

The Mattermost Confluence Plugin before version 1.5.0 has an authorization bypass vulnerability where it fails to verify user permissions when creatin...

The Mattermost Confluence Plugin before version 1.5.0 contains an improper input validation vulnerability that allows attackers to crash the plugin by...