CVE-2024-11599
published 2024-11-28CVE-2024-11599: Mattermost versions 10.0.x <= 10.0.1, 10.1.x <= 10.1.1, 9.11.x <= 9.11.3, 9.5.x <= 9.5.11 fail to properly validate email addresses which allows an…
medium5.3CVSS 3.1
AVNACLPRNUINSUCNILAN
Mattermost versions 10.0.x <= 10.0.1, 10.1.x <= 10.1.1, 9.11.x <= 9.11.3, 9.5.x <= 9.5.11 fail to properly validate email addresses which allows an unauthenticated user to bypass email domain restrictions via carefully crafted input on email registration.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mattermost | mattermost | 10.0.0 – 10.0.1 | — |
| mattermost | mattermost | 10.1.0 – 10.1.1 | — |
| mattermost | mattermost | 9.11.0 – 9.11.3 | — |
| mattermost | mattermost | 9.5.0 – 9.5.11 | — |
| mattermost | mattermost_server | >= 10.0.0 < 10.0.2 | 10.0.2 |
| mattermost | mattermost_server | >= 10.1.0 < 10.1.2 | 10.1.2 |
| mattermost | mattermost_server | >= 9.11.0 < 9.11.4 | 9.11.4 |
| mattermost | mattermost_server | >= 9.5.0 < 9.5.12 | 9.5.12 |