CVE-2017-18905
published 2020-06-19CVE-2017-18905: An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2, when used as an OAuth 2.0 service provider, Session invalidation was mishandled.
medium5.3CVSS 3.1
AVNACLPRNUINSUCNILAN
An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2, when used as an OAuth 2.0 service provider, Session invalidation was mishandled.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | mattermost_mattermost-server | >= 0 < 3.9.2 | 3.9.2 |
| github.com | mattermost_mattermost-server | >= 0 < 3.9.2+incompatible | 3.9.2+incompatible |
| github.com | mattermost_mattermost-server | >= 3.10.0 < 3.10.2 | 3.10.2 |
| github.com | mattermost_mattermost-server | >= 3.10.0+incompatible < 3.10.2+incompatible | 3.10.2+incompatible |
| mattermost | mattermost_server | < 3.9.2 | 3.9.2 |
| mattermost | mattermost_server | >= 3.10.0 < 3.10.2 | 3.10.2 |