CVE-2019-20842
published 2020-06-19CVE-2019-20842: An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There is SQL injection by admins via SearchAllChannels.
high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There is SQL injection by admins via SearchAllChannels.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mattermost | mattermost_server | < 5.9.7 | 5.9.7 |
| mattermost | mattermost_server | — | — |
| mattermost | mattermost_server | >= 5.15.0 < 5.15.4 | 5.15.4 |
| mattermost | mattermost_server | >= 5.16.0 < 5.16.4 | 5.16.4 |
| mattermost | mattermost_server | >= 5.17.0 < 5.17.2 | 5.17.2 |