16 matches found
SUSE CVE-2025-49221
Mattermost Confluence Plugin version 1.5.0 fails to enforce authentication of the user to the Mattermost instance which allows unauthenticated attackers to access subscription details without via API call to GET subscription endpoint...
SUSE CVE-2025-53857
Mattermost Confluence Plugin version 1.5.0 fails to check the access of the user to the channel which allows attackers to get channel subscription details without proper access to the channel via API call to the GET autocomplete/GetChannelSubscriptions endpoint...
Unspecified Vulnerability in Mattermost Confluence Plugin (CNVD-2025-21455)
Mattermost Confluence Plugin is a plugin from Mattermost USA. Mattermost Confluence Plugin contains a security vulnerability that can be exploited by attackers to cause access to subscription details...
Unspecified Vulnerability in Mattermost Confluence Plugin (CNVD-2025-21456)
Mattermost Confluence Plugin is a plugin from Mattermost USA. Mattermost Confluence Plugin contains a security vulnerability that can be exploited by attackers to cause access to subscription details...
CVE-2025-49221
Mattermost Confluence Plugin version 1.5.0 fails to enforce authentication of the user to the Mattermost instance which allows unauthenticated attackers to access subscription details without via API call to GET subscription endpoint...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization via the GET subscription endpoint. An attacker can access sensitive subscription details by sending unauthorized API requests. Remediation Upgrade github.com/mattermost/mattermost-plugin-confluence/server to versio...
GHSA-RFG4-2M63-FW2Q Mattermost Confluence Plugin has Missing Authorization vulnerability
Mattermost Confluence Plugin versions 1.5.0 fail to enforce authentication of the user to the Mattermost instance, which allows unauthenticated attackers to access subscription details via an API call to the GET subscription endpoint...
Mattermost Confluence Plugin has Missing Authorization vulnerability
Mattermost Confluence Plugin versions 1.5.0 fail to enforce authentication of the user to the Mattermost instance, which allows unauthenticated attackers to access subscription details via an API call to the GET subscription endpoint...
CVE-2025-53857
Mattermost Confluence Plugin version 1.5.0 fails to check the access of the user to the channel which allows attackers to get channel subscription details without proper access to the channel via API call to the GET autocomplete/GetChannelSubscriptions endpoint...
CVE-2025-49221
Mattermost Confluence Plugin version 1.5.0 fails to enforce authentication of the user to the Mattermost instance which allows unauthenticated attackers to access subscription details without via API call to GET subscription endpoint...
CVE-2025-44001
Mattermost Confluence Plugin version 1.5.0 fails to check the access of the user to the channel which allows attackers to get channel subscription details without proper access to the channel via API call to the Get Channel Subscriptions details endpoint...
CVE-2025-49221 Unauthenticated Access to Channel Subscription in Mattermost Confluence Plugin
Mattermost Confluence Plugin version 1.5.0 fails to enforce authentication of the user to the Mattermost instance which allows unauthenticated attackers to access subscription details without via API call to GET subscription endpoint...
CVE-2025-44001
CVE-2025-44001 concerns the Mattermost Confluence Plugin where versions
Mattermost Confluence Plugin 安全漏洞
Mattermost Confluence Plugin is a plugin from Mattermost USA. Mattermost Confluence Plugin contains a security vulnerability that can be exploited by attackers to cause access to subscription details...
Mattermost Confluence Plugin 安全漏洞
Mattermost Confluence Plugin is a plugin from Mattermost USA. Mattermost Confluence Plugin contains a security vulnerability that can be exploited by attackers to cause access to subscription details...
Unsecured Adobe Server Exposes Data for 7.5 Million Creative Cloud Users
The U.S. multinational computer software company Adobe has suffered a serious security breach earlier this month that exposed user records' database belonging to the company's popular Creative Cloud service. With an estimated 15 million subscribers, Adobe Creative Cloud or Adobe CC is a...