CVE-2020-14460
published 2020-06-19CVE-2020-14460: An issue was discovered in Mattermost Server before 5.19.0, 5.18.1, 5.17.3, 5.16.5, and 5.9.8. Creation of a trusted OAuth application does not always require…
medium6.5CVSS 3.1
AVNACLPRLUINSUCNIHAN
An issue was discovered in Mattermost Server before 5.19.0, 5.18.1, 5.17.3, 5.16.5, and 5.9.8. Creation of a trusted OAuth application does not always require admin privileges, aka MMSA-2020-0001.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mattermost | mattermost_server | < 5.9.8 | 5.9.8 |
| mattermost | mattermost_server | — | — |
| mattermost | mattermost_server | >= 5.16.0 < 5.16.5 | 5.16.5 |
| mattermost | mattermost_server | >= 5.17.0 < 5.17.3 | 5.17.3 |
| mattermost | mattermost_server | >= 5.18.0 < 5.18.1 | 5.18.1 |