SQL Injection Vulnerability in Mattermost Server via SearchAllChannels

SQL Injection Vulnerability in Mattermost Server via SearchAllChannels

CVE-2019-20842 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There is SQL injection by admins via SearchAllChannels.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.