Lucene search
K

10 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-24170

Malicious code in bioql PyPI...

7.5CVSS6.3AI score0.00335EPSS
Exploits0References3
osv
osv
added 2025/08/11 9:31 p.m.3 views

GHSA-3CG3-3MMR-W8HJ Mattermost Confluence Plugin has Improper Validation of Specified Type of Input

Mattermost Confluence Plugin versions 1.5.0 fail to handle unexpected request bodies, allowing attackers to crash the plugin via constant hits to the create channel subscription endpoint with an invalid request body...

7.5CVSS7AI score0.00335EPSS
Exploits0References3
snyk
snyk
added 2025/08/11 9:31 p.m.2 views

Improper Validation of Specified Type of Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input via the create channel subscription endpoint when unexpected request bodies are not properly handled. An attacker can cause the plugin to crash by repeatedly sending invalid request bodies...

8.7CVSS7AI score0.00335EPSS
Exploits0References2
github
github
added 2025/08/11 9:31 p.m.10 views

Mattermost Confluence Plugin has Missing Authorization vulnerability

Mattermost Confluence Plugin versions 1.5.0 fail to check user access to the channel, allowing attackers to create a channel subscription without proper access to the channel via an API call to the edit channel subscription endpoint...

4CVSS6.9AI score0.00196EPSS
Exploits0References3Affected Software1
github
github
added 2025/08/11 9:31 p.m.13 views

Mattermost Confluence Plugin is Missing Authentication for Critical Function

Mattermost Confluence Plugin version 1.5.0 fails to check the authorization of the user to the Mattermost instance which allows attackers to create a channel subscription without proper authorization via API call to the create channel subscription endpoint...

7.2CVSS7AI score0.00203EPSS
Exploits0References3Affected Software1
nvd
nvd
added 2025/08/11 7:15 p.m.5 views

CVE-2025-54525

Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to create channel subscription endpoint with an invalid request body...

7.5CVSS0.00335EPSS
Exploits0References1
nvd
nvd
added 2025/08/11 7:15 p.m.45 views

CVE-2025-53910

Mattermost Confluence Plugin version 1.5.0 fails to check the access of the user to the channel which allows attackers to create a channel subscription without proper access to the channel via API call to the edit channel subscription endpoint...

4CVSS0.00196EPSS
Exploits0References1
cve
cve
added 2025/08/11 6:57 p.m.28 views

CVE-2025-8285

Mattermost Confluence Plugin has a Missing Authorization vulnerability in versions

5.3CVSS7.1AI score0.00197EPSS
Exploits0References1Affected Software1
cve
cve
added 2025/08/11 6:57 p.m.33 views

CVE-2025-54525

Mattermost Confluence Plugin (github.com/mattermost/mattermost-plugin-confluence) is affected by CVE-2025-54525. Versions older than 1.5.0 fail to properly handle an unexpected request body to the create channel subscription endpoint, which can cause the plugin to crash (DoS) under constant inval...

7.5CVSS7.1AI score0.00335EPSS
Exploits0References1Affected Software1
cve
cve
added 2025/08/11 6:56 p.m.35 views

CVE-2025-44004

Affected: Mattermost Confluence Plugin (

7.2CVSS7AI score0.00203EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder