Security Advisory

CVE-2021-37862

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-12-17 16:10:29

Last updated 2024-08-04 01:30:09

Assigner Mattermost

State PUBLISHED

Description

Mattermost 6.0 and earlier fails to sufficiently validate the email address during registration, which allows attackers to trick users into signing up using attacker-controlled email addresses via crafted invitation token.

← Browse all CVEs View on cve.org ↗