CVE-2018-21264
published 2020-06-19CVE-2018-21264: An issue was discovered in Mattermost Server before 4.7.0, 4.6.2, and 4.5.2. It did not enforce the expiration date of a SAML response.
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
An issue was discovered in Mattermost Server before 4.7.0, 4.6.2, and 4.5.2. It did not enforce the expiration date of a SAML response.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mattermost | mattermost_server | < 4.5.2 | 4.5.2 |
| mattermost | mattermost_server | — | — |
| mattermost | mattermost_server | >= 4.6.0 < 4.6.2 | 4.6.2 |