- Description
- Mattermost versions 10.0.x <= 10.0.1, 10.1.x <= 10.1.1, 9.11.x <= 9.11.3, 9.5.x <= 9.5.11 fail to properly validate email addresses which allows an unauthenticated user to bypass email domain restrictions via carefully crafted input on email registration.
- Source
- responsibledisclosure@mattermost.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 8.2
- Impact score
- 4.2
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
- Severity
- HIGH
- responsibledisclosure@mattermost.com
- CWE-754
- Hype score
- Not currently trending
CVE-2024-11599 (CVSS:8.2, HIGH) is Awaiting Analysis. Mattermost versions 10.0.x <= 10.0.1, 10.1.x <= 10.1.1, 9.11.x <= 9.11.3, 9.5.x <= 9.5.11 fail to properly validate emai..https://t.co/zI1CkZMcVO #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #m
@cracbot
3 Dec 2024
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-11599 Unauthenticated Email Domain Bypass in Mattermost - Input Validation Flaw Mattermost versions 10.0.x up to 10.0.1, 10.1.x up to 10.1.1, 9.11.x up to 9.11.3, and 9.5.x up to 9.5.11 have a vulnerabil... https://t.co/xhnIX9cnel
@VulmonFeeds
28 Nov 2024
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes