cbcvebase.
CVE-2019-20841
published 2020-06-19

CVE-2019-20841: An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. CSRF can sometimes occur via a crafted web site for account…

high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. CSRF can sometimes occur via a crafted web site for account takeover attacks.

Affected

5 ranges
VendorProductVersion rangeFixed in
mattermostmattermost_server< 5.9.75.9.7
mattermostmattermost_server
mattermostmattermost_server>= 5.15.0 < 5.15.45.15.4
mattermostmattermost_server>= 5.16.0 < 5.16.45.16.4
mattermostmattermost_server>= 5.17.0 < 5.17.25.17.2