CVE-2017-18906
published 2020-06-19CVE-2017-18906: An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2, when Single Sign-On OAuth2 is used. An attacker could claim somebody else's…
high8.1CVSS 3.1
AVNACLPRLUINSUCHIHAN
An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2, when Single Sign-On OAuth2 is used. An attacker could claim somebody else's account.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | mattermost_mattermost-server | >= 0 < 3.9.2-0.20170714134023-b17fca0d5ee7 | 3.9.2-0.20170714134023-b17fca0d5ee7 |
| github.com | mattermost_mattermost-server | >= 3.10.0 < 3.10.2 | 3.10.2 |
| github.com | mattermost_mattermost-server | >= 3.10.0+incompatible < 3.10.2+incompatible | 3.10.2+incompatible |
| mattermost | mattermost_server | < 3.9.2 | 3.9.2 |
| mattermost | mattermost_server | >= 3.10.0 < 3.10.2 | 3.10.2 |