206 matches found
CVE-2026-41103
Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network...
SUSE CVE-2025-13523
Mattermost Confluence plugin version 1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names to execute arbitrary JavaScript in victim browsers via sending a specially crafted OAuth2 connectio...
GO-2026-4456 Mattermost Confluence plugin doesn't properly escape user-controlled display names in HTML template rendering in github.com/mattermost/mattermost-plugin-confluence
Mattermost Confluence plugin doesn't properly escape user-controlled display names in HTML template rendering in github.com/mattermost/mattermost-plugin-confluence...
CVE-2025-13523
Mattermost Confluence plugin version 1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names to execute arbitrary JavaScript in victim browsers via sending a specially crafted OAuth2 connectio...
GHSA-FFX7-34P2-VM3W Mattermost Confluence plugin doesn't properly escape user-controlled display names in HTML template rendering
Mattermost Confluence plugin version 1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names to execute arbitrary JavaScript in victim browsers via sending a specially crafted OAuth2 connectio...
Mattermost Confluence plugin doesn't properly escape user-controlled display names in HTML template rendering
Mattermost Confluence plugin version 1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names to execute arbitrary JavaScript in victim browsers via sending a specially crafted OAuth2 connectio...
CVE-2025-13523
Mattermost Confluence plugin version 1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names to execute arbitrary JavaScript in victim browsers via sending a specially crafted OAuth2 connectio...
CVE-2025-13523 Cross-Site Scripting (XSS) via Unescaped Display Names in Mattermost Confluence Plugin OAuth2 Flow
Mattermost Confluence plugin version 1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names to execute arbitrary JavaScript in victim browsers via sending a specially crafted OAuth2 connectio...
EUVD-2025-206888
Mattermost Confluence plugin version 1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names to execute arbitrary JavaScript in victim browsers via sending a specially crafted OAuth2 connectio...
CVE-2025-13523 Cross-Site Scripting (XSS) via Unescaped Display Names in Mattermost Confluence Plugin OAuth2 Flow
Mattermost Confluence plugin version 1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names to execute arbitrary JavaScript in victim browsers via sending a specially crafted OAuth2 connectio...
CVE-2025-13523
Mattermost Confluence plugin version 1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names to execute arbitrary JavaScript in victim browsers via sending a specially crafted OAuth2 connectio...
EUVD-2019-2143
Malware in sbrugna...
EUVD-2025-24181
Malicious code in bioql PyPI...
EUVD-2025-24179
Malicious code in bioql PyPI...
EUVD-2025-24180
Malicious code in bioql PyPI...
EUVD-2025-24175
Malicious code in bioql PyPI...
EUVD-2025-24170
Malicious code in bioql PyPI...
EUVD-2025-24177
Malicious code in bioql PyPI...
EUVD-2025-24173
Malicious code in bioql PyPI...
EUVD-2025-24178
Malicious code in bioql PyPI...