PT-2022-37846 · Go · Github.Com/Mattermost/Mattermost-Server

Published

2022-05-24

·

Updated

2022-05-24

CVSS v3.1

6.1

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. It allows XSS via an uploaded file.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

GHSA-8PFF-P3GX-W4JF

Affected Products

Github.Com/Mattermost/Mattermost-Server