CVE-2017-18920
published 2020-06-19CVE-2017-18920: An issue was discovered in Mattermost Server before 3.6.2. The WebSocket feature does not follow the Same Origin Policy.
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
An issue was discovered in Mattermost Server before 3.6.2. The WebSocket feature does not follow the Same Origin Policy.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mattermost | mattermost_server | < 3.6.2 | 3.6.2 |