Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/06/26 2:42 p.m.36 views

CVE-2026-3472 Markdown image rendering bypass in AI bot tool result posts in Mattermost

Mattermost versions 10.11.x = 10.11.18, 11.6.x = 11.6.3, 11.5.x = 11.5.6 fail to properly apply markdown image rendering restrictions to AI bot tool result posts, which allows an authenticated attacker to exfiltrate data to an attacker-controlled server via injecting markdown image syntax into to...

3.5CVSS0.00194EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.10 views

CVE-2026-3495

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to escape some variables that could contain malicious content during error page composition which allows an attacker with access to edit some site configuration to execute some malicious code via injecting some JS as part of those...

4.8CVSS5.6AI score0.00143EPSS
Exploits0References1
OSV
OSV
added 2026/05/18 9:31 a.m.7 views

GHSA-JX93-PF6X-874R Mattermost doesn't escape some variables that could contain malicious content during error page composition

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to escape some variables that could contain malicious content during error page composition which allows an attacker with access to edit some site configuration to execute some malicious code via injecting some JS as part of those...

3.8CVSS5.9AI score0.00143EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.16 views

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.5.1 and earlier 11.5.x series, 10.11.13 and earlier 10.11.x series, and 11.4.3 and earlier 11.4.x series have security vulnerabilities. These vulnerabilities stem fr...

6.5CVSS5.8AI score0.0024EPSS
Exploits0References1
Rows per page
Query Builder