CVE-2018-21257

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
19/06/2020
Last modified:
30/06/2020

Description

An issue was discovered in Mattermost Server before 5.1. It allows attackers to bypass intended access restrictions (for setting a channel header) via the Channel header slash command API.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:* 5.1.0 (excluding)


References to Advisories, Solutions, and Tools