CVE-2017-18914

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2017-18914

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-18914.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2017-18914

Published

2020-06-19T20:15:12.367Z

Modified

2026-03-12T22:31:46.150656Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. An external link can occur on an error page even if it is not on an allowlist.

References

https://mattermost.com/security-updates/

Affected packages

Git / github.com/mattermost/mattermost-server

Affected ranges

Type

GIT

Repo

https://github.com/mattermost/mattermost-server

Events

Introduced

Fixed

584146b9b9b5d44359475f1b815b2306e130bbf2

Introduced

8568afe5b4fb4d26b14fbc0d21f088eaa490b314

Fixed

93e3981de93ce829fac9306ca8ede376b3c3fc14

Introduced

30974533941e73f102505d07badf538cfdbbf3fc

Fixed

dd1db760e378d2df7a52976e812f77f54f85c2c0

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "3.6.7"
        },
        {
            "introduced": "3.7.0"
        },
        {
            "fixed": "3.7.5"
        },
        {
            "introduced": "3.8.0"
        },
        {
            "fixed": "3.8.2"
        }
    ]
}

Affected versions

v3.*

v3.7.0

v3.7.1

v3.7.2

v3.7.3

v3.7.4

v3.7.5-rc1

v3.8.0

v3.8.1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-18914.json"