Launch Week Day 1: Announcing Security Design Review
Start for Free
UNKNOWN Go

Mattermost Server is vulnerable to XSS attacks against an OAuth 2.0 allow/deny page

GHSA-9x8x-w6g5-hx4w · CVE-2017-18877 · GO-2025-4190

Published · Modified

Description

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS attacks could occur against an OAuth 2.0 allow/deny page.

References

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes