CVE-2017-18903
published 2020-06-19CVE-2017-18903: An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. CSRF can occur if CORS is enabled.
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. CSRF can occur if CORS is enabled.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | mattermost_mattermost-server | >= 0 < 3.9.2 | 3.9.2 |
| github.com | mattermost_mattermost-server | >= 0 < 3.9.2+incompatible | 3.9.2+incompatible |
| github.com | mattermost_mattermost-server | >= 3.10.0+incompatible < 3.10.2+incompatible | 3.10.2+incompatible |
| github.com | mattermost_mattermost-server | >= 3.10.0-rc1 < 3.10.2 | 3.10.2 |
| mattermost | mattermost_server | < 3.9.2 | 3.9.2 |
| mattermost | mattermost_server | >= 3.10.0 < 3.10.2 | 3.10.2 |