CVE-2017-18914

An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. An external link can occur on an error page even if it is not on an allowlist.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*
cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*
cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*

History

21 Nov 2024, 03:21

Type Values Removed Values Added
References () https://mattermost.com/security-updates/ - Vendor Advisory () https://mattermost.com/security-updates/ - Vendor Advisory

Information

Published : 2020-06-19 20:15

Updated : 2024-11-21 03:21


NVD link : CVE-2017-18914

Mitre link : CVE-2017-18914

CVE.ORG link : CVE-2017-18914


JSON object : View

Products Affected

mattermost

  • mattermost_server
CWE
CWE-754

Improper Check for Unusual or Exceptional Conditions