CVE-2017-18900
published 2020-06-19CVE-2017-18900: An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows CSV injection via a compliance report.
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows CSV injection via a compliance report.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | mattermost_mattermost-server | >= 0 < 3.10.3+incompatible | 3.10.3+incompatible |
| github.com | mattermost_mattermost-server | >= 0 < 3.10.3 | 3.10.3 |
| github.com | mattermost_mattermost-server | >= 4.0.0 < 4.0.3 | 4.0.3 |
| github.com | mattermost_mattermost-server | >= 4.0.0+incompatible < 4.0.3+incompatible | 4.0.3+incompatible |
| mattermost | mattermost_server | < 3.10.3 | 3.10.3 |
| mattermost | mattermost_server | >= 4.0.0 < 4.0.4 | 4.0.4 |