Mattermost versions 10.0.x <= 10.0.1, 10.1.x <= 10.1.1, 9.11.x <= 9.11.3, 9.5.x <= 9.5.11 fail to properly validate email addresses, which allows an unauthenticated user to bypass email domain restrictions via carefully crafted input on email registration.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://mattermost.com/security-updates |
History
Fri, 29 Nov 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared | Mattermost; Mattermost mattermost | |
CPEs | cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:* | |
Vendors & Products | Mattermost; Mattermost mattermost | |
Metrics | ssvc | |
Thu, 28 Nov 2024 10:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Mattermost versions 10.0.x <= 10.0.1, 10.1.x <= 10.1.1, 9.11.x <= 9.11.3, 9.5.x <= 9.5.11 fail to properly validate email addresses, which allows an unauthenticated user to bypass email domain restrictions via carefully crafted input on email registration. | |
Title | Domain Restriction Bypass on Registration | |
Weaknesses | CWE-754 | |
References | | |
Metrics | cvssV3_1 | |
MITRE
Status: PUBLISHED
Assigner: Mattermost
Published: 2024-11-28T09:42:48.141Z
Updated: 2024-11-29T19:55:00.509Z
Reserved: 2024-11-21T16:26:32.694Z
Link: CVE-2024-11599
Vulnrichment
Updated: 2024-11-29T19:54:53.238Z
NVD
Status: Received
Published: 2024-11-28T10:15:06.657
Modified: 2024-11-28T10:15:06.657
Link: CVE-2024-11599
Redhat
No data.