2 matches found
CVE-2025-53910 Unauthorized Channel Subscription Edit in Mattermost Confluence Plugin
Mattermost Confluence Plugin version 1.5.0 fails to check the access of the user to the channel which allows attackers to create a channel subscription without proper access to the channel via API call to the edit channel subscription endpoint...
The vulnerability of the TUG Home Base Server lies in its ability to access a channel from a non-endpoint, allowing attackers to execute a “man-in-the-middle” attack.
The vulnerability of the TUG Home Base Server relates to access to a channel from a point that is not a final destination. Exploiting this vulnerability allows a remote attacker to carry out a “man-in-the-middle” attack...