PT-2022-37862 · Go · Github.Com/Mattermost/Mattermost-Server

Published

2022-05-24

·

Updated

2022-05-24

CVSS v4.0

8.8

High

VectorAV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
An issue was discovered in Mattermost Server before 3.8.2 and 3.7.5. Weak hashing was used for e-mail invitations, OAuth, and e-mail verification tokens.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-328

Related Identifiers

GHSA-JXC4-W54C-QV5R

Affected Products

Github.Com/Mattermost/Mattermost-Server