CVE-2016-11075Sensitive Information Exposure in Mattermost Mattermost-server

CWE-200Sensitive Information Exposure5 documents4 sources
Severity
5.3MEDIUMNVD
EPSS
0.2%
top 53.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Github.com Mattermost Mattermost-serverMattermost Server
Timeline
PublishedJun 19
Latest updateOct 30

Description

An issue was discovered in Mattermost Server before 3.0.0. It allows attackers to obtain sensitive information about team URLs via an API.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

Gogithub.com/mattermost_mattermost-server< 2.0.1-0.20160310160916-26ad6d2c7696

🔴Vulnerability Details

4
OSV
Mattermost Server exposes sensitive information about team URLs via an API in github.com/mattermost/mattermost-server2025-10-30
GHSA
Mattermost Server exposes sensitive information about team URLs via an API2022-05-24
OSV
Mattermost Server exposes sensitive information about team URLs via an API2022-05-24
CVEList
CVE-2016-11075: An issue was discovered in Mattermost Server before 32020-06-19
CVE-2016-11075 — Sensitive Information Exposure | cvebase