PT-2022-37852 · Go · Github.Com/Mattermost/Mattermost-Server

Published

2022-05-24

·

Updated

2022-05-24

CVSS v3.1

8.8

High

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. CSRF can occur if CORS is enabled.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

GHSA-FCWG-45JH-5QHF

Affected Products

Github.Com/Mattermost/Mattermost-Server