{ "affected": [ { "ranges": [ { "database_specific": { "versions": [ { "introduced": "9.5.0" }, { "fixed": "9.5.12" }, { "introduced": "9.11.0" }, { "fixed": "9.11.4" }, { "introduced": "10.0.0" }, { "fixed": "10.0.2" }, { "introduced": "10.1.0" }, { "fixed": "10.1.2" } ] }, "events": [ { "introduced": "99d819d25d0b16b3faed901b1fe5c41de7655e9c" }, { "fixed": "e554b39e19b9a6620e007e6e970ce98800d82a4f" }, { "introduced": "0bc2ddd42375a75ab14e63f038165150d4f07659" }, { "fixed": "33c9a68970dced64aca166dec6cdc8a6c5d4ef77" }, { "introduced": "2d83d21388f3111bffe4b1f63521b21d77ec2cef" }, { "fixed": "a3ce5878d1b4803e8941fb1012d0d3a6c6bac231" }, { "introduced": "50f91e2453188bbd0153db0e98714022db022a5c" }, { "fixed": "c540ab8299e45424e410652d304b8926b727b456" } ], "repo": "https://github.com/mattermost/mattermost-server", "type": "GIT" } ] } ], "details": "Mattermost versions 10.0.x \u003c= 10.0.1, 10.1.x \u003c= 10.1.1, 9.11.x \u003c= 9.11.3, 9.5.x \u003c= 9.5.11 fail to properly validate email addresses which allows an unauthenticated user to bypass email domain restrictions via carefully crafted input on email registration.", "id": "CVE-2024-11599", "modified": "2026-03-10T21:47:43.061818153Z", "published": "2024-11-28T10:15:06.657Z", "references": [ { "type": "ADVISORY", "url": "https://mattermost.com/security-updates" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "type": "CVSS_V3" } ] }