Unrated severityNVD Advisory· Published Nov 28, 2024· Updated Nov 29, 2024
Domain Restriction Bypass on Registration
CVE-2024-11599
Description
Mattermost versions 10.0.x <= 10.0.1, 10.1.x <= 10.1.1, 9.11.x <= 9.11.3, 9.5.x <= 9.5.11 fail to properly validate email addresses which allows an unauthenticated user to bypass email domain restrictions via carefully crafted input on email registration.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2>=9.5.0 <=9.5.11, >=9.11.0 <=9.11.3, >=10.0.0 <=10.0.1, >=10.1.0 <=10.1.1+ 1 more
- (no CPE)range: >=9.5.0 <=9.5.11, >=9.11.0 <=9.11.3, >=10.0.0 <=10.0.1, >=10.1.0 <=10.1.1
- (no CPE)range: 10.0.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.