PT-2020-8013 · Mattermost · Mattermost Server

Published

2020-06-19

·

Updated

2025-11-07

·

CVE-2016-11084

CVSS v3.1

6.1

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: Mattermost Server versions prior to 2.1.0
Description: The issue allows for XSS via CSRF.
Recommendations: For versions prior to 2.1.0, update to version 2.1.0 or later to resolve the issue.

Fix

XSS

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-79CWE-352

Related Identifiers

CVE-2016-11084
GHSA-VW57-55F8-C73Q
GO-2025-4066
OPENSUSE-SU-2025:15710-1

Affected Products

Mattermost Server