CVE-2017-18914
published 2020-06-19CVE-2017-18914: An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. An external link can occur on an error page even if it is not on an allowlist.
medium5.3CVSS 3.1
AVNACLPRNUINSUCNILAN
An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. An external link can occur on an error page even if it is not on an allowlist.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mattermost | mattermost_server | < 3.6.7 | 3.6.7 |
| mattermost | mattermost_server | >= 3.7.0 < 3.7.5 | 3.7.5 |
| mattermost | mattermost_server | >= 3.8.0 < 3.8.2 | 3.8.2 |