CVE-2022-1002 - Vulnerability Details - OpenCVE

Mattermost 6.3.0 and earlier fails to properly sanitize the HTML content in the email invitation sent to guest users, which allows registered users with special permissions to invite guest users to inject unescaped HTML content in the email invitations.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00204.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Mattermost	Mattermost

Configuration 1 [-]

cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2022-24352	Mattermost 6.3.0 and earlier fails to properly sanitize the HTML content in the email invitation sent to guest users, which allows registered users with special permissions to invite guest users to inject unescaped HTML content in the email invitations.

Fixes

Solution

Update Mattermost to version v6.4 or higher

Workaround

No workaround given by the vendor.

References

Link	Providers
https://hackerone.com/reports/1443567
https://mattermost.com/security-updates/

History

Fri, 06 Dec 2024 23:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Mattermost

Published: 2022-03-18T18:00:22

Updated: 2024-12-06T23:10:17.690Z

Reserved: 2022-03-17T00:00:00

Link: CVE-2022-1002

Vulnrichment

Updated: 2024-08-02T23:47:42.975Z

NVD

Status : Modified

Published: 2022-03-18T18:15:12.067

Modified: 2024-11-21T06:39:50.143

Link: CVE-2022-1002

Redhat

No data.

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "Mattermost", "vendor": "Mattermost", "versions": [{"lessThanOrEqual": "6.3", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Thanks to Imamul Mursalin for contributing to this improvement under the Mattermost responsible disclosure policy."}], "descriptions": [{"lang": "en", "value": "Mattermost 6.3.0 and earlier fails to properly sanitize the HTML content in the email invitation sent to guest users, which allows registered users with special permissions to invite guest users to inject unescaped HTML content in the email invitations."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-80", "description": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-03-18T18:00:21", "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://mattermost.com/security-updates/"}, {"tags": ["x_refsource_MISC"], "url": "https://hackerone.com/reports/1443567"}], "solutions": [{"lang": "en", "value": "Update Mattermost to version v6.4 or higher"}], "source": {"advisory": "MMSA-2022-0088", "defect": ["https://mattermost.atlassian.net/browse/MM-40895"], "discovery": "EXTERNAL"}, "title": "HTML Injection while inviting Guests ", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "responsibledisclosure@mattermost.com", "ID": "CVE-2022-1002", "STATE": "PUBLIC", "TITLE": "HTML Injection while inviting Guests "}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Mattermost", "version": {"version_data": [{"version_affected": "<=", "version_value": "6.3"}]}}]}, "vendor_name": "Mattermost"}]}}, "credit": [{"lang": "eng", "value": "Thanks to Imamul Mursalin for contributing to this improvement under the Mattermost responsible disclosure policy."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Mattermost 6.3.0 and earlier fails to properly sanitize the HTML content in the email invitation sent to guest users, which allows registered users with special permissions to invite guest users to inject unescaped HTML content in the email invitations."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"}]}]}, "references": {"reference_data": [{"name": "https://mattermost.com/security-updates/", "refsource": "MISC", "url": "https://mattermost.com/security-updates/"}, {"name": "https://hackerone.com/reports/1443567", "refsource": "MISC", "url": "https://hackerone.com/reports/1443567"}]}, "solution": [{"lang": "en", "value": "Update Mattermost to version v6.4 or higher"}], "source": {"advisory": "MMSA-2022-0088", "defect": ["https://mattermost.atlassian.net/browse/MM-40895"], "discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:47:42.975Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://mattermost.com/security-updates/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://hackerone.com/reports/1443567"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-12-06T22:53:12.307762Z", "id": "CVE-2022-1002", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-06T23:10:17.690Z"}}]}, "cveMetadata": {"assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "assignerShortName": "Mattermost", "cveId": "CVE-2022-1002", "datePublished": "2022-03-18T18:00:22", "dateReserved": "2022-03-17T00:00:00", "dateUpdated": "2024-12-06T23:10:17.690Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://mattermost.com/security-updates/", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://hackerone.com/reports/1443567", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:47:42.975Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-1002", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-12-06T22:53:12.307762Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-06T22:53:13.956Z"}}], "cna": {"title": "HTML Injection while inviting Guests ", "source": {"defect": ["https://mattermost.atlassian.net/browse/MM-40895"], "advisory": "MMSA-2022-0088", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "value": "Thanks to Imamul Mursalin for contributing to this improvement under the Mattermost responsible disclosure policy."}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Mattermost", "product": "Mattermost", "versions": [{"status": "affected", "version": "unspecified", "versionType": "custom", "lessThanOrEqual": "6.3"}]}], "solutions": [{"lang": "en", "value": "Update Mattermost to version v6.4 or higher"}], "references": [{"url": "https://mattermost.com/security-updates/", "tags": ["x_refsource_MISC"]}, {"url": "https://hackerone.com/reports/1443567", "tags": ["x_refsource_MISC"]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "descriptions": [{"lang": "en", "value": "Mattermost 6.3.0 and earlier fails to properly sanitize the HTML content in the email invitation sent to guest users, which allows registered users with special permissions to invite guest users to inject unescaped HTML content in the email invitations."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-80", "description": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2022-03-18T18:00:21"}, "x_legacyV4Record": {"credit": [{"lang": "eng", "value": "Thanks to Imamul Mursalin for contributing to this improvement under the Mattermost responsible disclosure policy."}], "impact": {"cvss": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}}, "source": {"defect": ["https://mattermost.atlassian.net/browse/MM-40895"], "advisory": "MMSA-2022-0088", "discovery": "EXTERNAL"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "6.3", "version_affected": "<="}]}, "product_name": "Mattermost"}]}, "vendor_name": "Mattermost"}]}}, "solution": [{"lang": "en", "value": "Update Mattermost to version v6.4 or higher"}], "data_type": "CVE", "generator": {"engine": "Vulnogram 0.0.9"}, "references": {"reference_data": [{"url": "https://mattermost.com/security-updates/", "name": "https://mattermost.com/security-updates/", "refsource": "MISC"}, {"url": "https://hackerone.com/reports/1443567", "name": "https://hackerone.com/reports/1443567", "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "Mattermost 6.3.0 and earlier fails to properly sanitize the HTML content in the email invitation sent to guest users, which allows registered users with special permissions to invite guest users to inject unescaped HTML content in the email invitations."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-1002", "STATE": "PUBLIC", "TITLE": "HTML Injection while inviting Guests ", "ASSIGNER": "responsibledisclosure@mattermost.com"}}}}, "cveMetadata": {"cveId": "CVE-2022-1002", "state": "PUBLISHED", "dateUpdated": "2024-12-06T23:10:17.690Z", "dateReserved": "2022-03-17T00:00:00", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "datePublished": "2022-03-18T18:00:22", "assignerShortName": "Mattermost"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", "matchCriteriaId": "6E4E6030-5F60-4B32-9681-14C369CFC79A", "versionEndExcluding": "6.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Mattermost 6.3.0 and earlier fails to properly sanitize the HTML content in the email invitation sent to guest users, which allows registered users with special permissions to invite guest users to inject unescaped HTML content in the email invitations."}, {"lang": "es", "value": "Mattermost versiones 6.3.0 y anteriores, no sanean apropiadamente el contenido HTML en la invitaci\u00f3n por correo electr\u00f3nico enviada a usuarios invitados, lo que permite a usuarios registrados con permisos especiales para invitar a usuarios invitados inyectar contenido HTML sin descifrar en las invitaciones por correo electr\u00f3nico"}], "id": "CVE-2022-1002", "lastModified": "2024-11-21T06:39:50.143", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.0, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 1.4, "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-03-18T18:15:12.067", "references": [{"source": "responsibledisclosure@mattermost.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://hackerone.com/reports/1443567"}, {"source": "responsibledisclosure@mattermost.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://mattermost.com/security-updates/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://hackerone.com/reports/1443567"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://mattermost.com/security-updates/"}], "sourceIdentifier": "responsibledisclosure@mattermost.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-80"}], "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}