CVE-2017-18872
published 2020-06-19CVE-2017-18872: An issue was discovered in Mattermost Server before 4.4.3 and 4.3.3. Attackers could reconfigure an OAuth app in some cases where Mattermost is an OAuth 2.0…
medium4.3CVSS 3.1
AVNACLPRLUINSUCNILAN
An issue was discovered in Mattermost Server before 4.4.3 and 4.3.3. Attackers could reconfigure an OAuth app in some cases where Mattermost is an OAuth 2.0 service provider.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | mattermost_mattermost-server | >= 0 < 4.3.3 | 4.3.3 |
| github.com | mattermost_mattermost-server | >= 0 < 4.3.3+incompatible | 4.3.3+incompatible |
| github.com | mattermost_mattermost-server | >= 4.4.0-rc1 < 4.4.3 | 4.4.3 |
| github.com | mattermost_mattermost-server | >= 4.4.0-rc1+incompatible < 4.4.3+incompatible | 4.4.3+incompatible |
| mattermost | mattermost_server | < 4.3.3 | 4.3.3 |
| mattermost | mattermost_server | >= 4.4.0 < 4.4.3 | 4.4.3 |