VYPR
Unrated severityNVD Advisory· Published Nov 28, 2024· Updated Nov 29, 2024

Domain Restriction Bypass on Registration

CVE-2024-11599

Description

Mattermost versions 10.0.x <= 10.0.1, 10.1.x <= 10.1.1, 9.11.x <= 9.11.3, 9.5.x <= 9.5.11 fail to properly validate email addresses which allows an unauthenticated user to bypass email domain restrictions via carefully crafted input on email registration.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Mattermost/Mattermostllm-fuzzy2 versions
    >=9.5.0 <=9.5.11, >=9.11.0 <=9.11.3, >=10.0.0 <=10.0.1, >=10.1.0 <=10.1.1+ 1 more
    • (no CPE)range: >=9.5.0 <=9.5.11, >=9.11.0 <=9.11.3, >=10.0.0 <=10.0.1, >=10.1.0 <=10.1.1
    • (no CPE)range: 10.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.