CVE-2017-18888
published 2020-06-19CVE-2017-18888: An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows SQL injection during the fetching of multiple posts.
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows SQL injection during the fetching of multiple posts.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | mattermost_mattermost-server | >= 0 < 4.1.2 | 4.1.2 |
| github.com | mattermost_mattermost-server | >= 0 < 4.1.2+incompatible | 4.1.2+incompatible |
| github.com | mattermost_mattermost-server | >= 4.2.0-rc1 < 4.2.1 | 4.2.1 |
| github.com | mattermost_mattermost-server | >= 4.2.0-rc1+incompatible < 4.2.1+incompatible | 4.2.1+incompatible |
| github.com | mattermost_mattermost-server | >= 4.3.0-rc1 < 4.3.0 | 4.3.0 |
| github.com | mattermost_mattermost-server | >= 4.3.0-rc1+incompatible < 4.3.0+incompatible | 4.3.0+incompatible |
| mattermost | mattermost_server | < 4.1.2 | 4.1.2 |
| mattermost | mattermost_server | — | — |
| mattermost | mattermost_server | >= 4.2.0 < 4.2.1 | 4.2.1 |