Vulnerability Database
289,784
Total vulnerabilities in the database
CVE-2024-43780
Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.0, 9.8.x <= 9.8.2 fail to enforce permissions which allows a guest user with read access to upload files to a channel.
| Software | From | Fixed in |
|---|---|---|
github.com/mattermost/mattermost/server/v8
|
9.5.0 | 9.5.8 |
|
github.com/mattermost/mattermost/server/v8
|
9.10.0 | 9.10.1 |
|
github.com/mattermost/mattermost/server/v8
|
9.9.0 | 9.9.2 |
|
github.com/mattermost/mattermost/server/v8
|
9.8.0 | 9.8.3 |
| mattermost / mattermost_server | 9.8.0 | 9.8.3 |
| mattermost / mattermost_server | 9.5.0 | 9.5.8 |
| mattermost / mattermost_server | 9.9.0 | 9.9.2 |
| mattermost / mattermost_server | 9.10.0 | 9.10.0.x |