CyberSec.Space Logo
Back to CVE Browser

CVE-2017-18900

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1440%
EPSS Percentile34.68th
PublishedJun 19, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows CSV injection via a compliance report.

Affected Platforms (CPE)

📦
Mattermost

Mattermost Server

< 3.10.3
📦
Mattermost

Mattermost Server

>= 4.0.0 and < 4.0.4

References & Advisories

🔗 https://mattermost.com/security-updates/
🔗 https://mattermost.com/security-updates/

Related Vulnerabilities

CVE-2016-110749.8

An issue was discovered in Mattermost Server before 3.0.0. A password-reset link could be reused.

CVE-2017-188859.8

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to gain privileges by accessing u...

CVE-2018-212519.8

An issue was discovered in Mattermost Server before 5.2 and 5.1.1. Authorization could be bypassed if the channel name were not th...

CVE-2017-188889.8

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows SQL injection during the fetching of multip...