An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It allows attackers to add DEBUG lines to the logs via a REST API version 3 logging endpoint.
2020-06-19T19:15:11.247
2024-11-21T03:21:12.323
Modified
CVSSv3.1: 5.3 (MEDIUM)
AV:N/AC:L/Au:N/C:N/I:P/A:N
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | mattermost | mattermost_server | < 4.0.5 | Yes |
| Application | mattermost | mattermost_server | < 4.1.1 | Yes |
| Application | mattermost | mattermost_server | 4.2.0 | Yes |
| Application | mattermost | mattermost_server | 4.2.0 | Yes |
| Application | mattermost | mattermost_server | 4.2.0 | Yes |
| Application | mattermost | mattermost_server | 4.2.0 | Yes |