An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS attacks could occur against an OAuth 2.0 allow/deny page.
2020-06-19T17:15:12.257
2024-11-21T03:21:09.567
Modified
CVSSv3.1: 6.1 (MEDIUM)
AV:N/AC:M/Au:N/C:N/I:P/A:N
8.6
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | mattermost | mattermost_server | < 4.1.2 | Yes |
| Application | mattermost | mattermost_server | < 4.2.1 | Yes |
| Application | mattermost | mattermost_server | 4.3.0 | Yes |
| Application | mattermost | mattermost_server | 4.3.0 | Yes |
| Application | mattermost | mattermost_server | 4.3.0 | Yes |
| Application | mattermost | mattermost_server | 4.3.0 | Yes |