CVE-2016-11071
published 2020-06-19CVE-2016-11071: An issue was discovered in Mattermost Server before 3.1.0. It allows XSS because the noreferrer and noopener protection mechanisms were not in place.
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
An issue was discovered in Mattermost Server before 3.1.0. It allows XSS because the noreferrer and noopener protection mechanisms were not in place.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | mattermost_mattermost-server | >= 0 < 3.1.0+incompatible | 3.1.0+incompatible |
| github.com | mattermost_mattermost-server | >= 0 < 3.1.0 | 3.1.0 |
| mattermost | mattermost_server | < 3.1.0 | 3.1.0 |