Lucene search
K

8 matches found

CNVD
CNVD
added 2025/08/15 12:0 a.m.2 views

Unspecified Vulnerability in Mattermost Confluence Plugin (CNVD-2025-21453)

Mattermost Confluence Plugin is a plugin from Mattermost USA. Mattermost Confluence Plugin contains a security vulnerability that can be exploited by attackers to cause unauthorized channel subscriptions...

5.3CVSS6.5AI score0.00184EPSS
Exploits0References1
NVD
NVD
added 2025/08/11 7:15 p.m.19 views

CVE-2025-8285

Mattermost Confluence Plugin version 1.5.0 fails to check the access of the user to the channel which allows attackers to create channel subscription without proper access to the channel via API call to the create channel subscription endpoint...

5.3CVSS0.00184EPSS
Exploits0References1
NVD
NVD
added 2025/08/11 7:15 p.m.25 views

CVE-2025-44004

Mattermost Confluence Plugin version 1.5.0 fails to check the authorization of the user to the Mattermost instance which allows attackers to create a channel subscription without proper authorization via API call to the create channel subscription endpoint...

7.2CVSS0.00189EPSS
Exploits0References1
CVE
CVE
added 2025/08/11 6:57 p.m.27 views

CVE-2025-8285

Mattermost Confluence Plugin has a Missing Authorization vulnerability in versions

5.3CVSS7.1AI score0.00184EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/08/11 6:57 p.m.32 views

CVE-2025-53910

The CVE concerns Mattermost Confluence Plugin prior to 1.5.0, where API calls to edit channel subscriptions do not properly verify user access to the channel. This enables creation of a channel subscription without proper channel access. No exploitation details or fixes are provided in the connec...

4CVSS7AI score0.00183EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/07/10 12:0 a.m.4 views

PT-2025-32579 · Mattermost · Mattermost Confluence Plugin

Name of the Vulnerable Software and Affected Versions: Mattermost Confluence Plugin versions prior to 1.5.0 Description: The Mattermost Confluence Plugin does not verify user access to a channel, enabling attackers to create channel subscriptions without authorization through an API call to the...

4CVSS7.1AI score0.00183EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2025/07/10 12:0 a.m.3 views

PT-2025-32571 · WordPress · Mattermost Confluence Plugin

Name of the Vulnerable Software and Affected Versions: Mattermost Confluence Plugin versions prior to 1.5.0 Description: The Mattermost Confluence Plugin does not verify user authorization to the Mattermost instance, enabling attackers to create channel subscriptions without proper authorization...

7.2CVSS7.2AI score0.00189EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/07/10 12:0 a.m.6 views

PT-2025-32584 · Mattermost · Mattermost Confluence Plugin

Name of the Vulnerable Software and Affected Versions: Mattermost Confluence Plugin versions prior to 1.5.0 Description: The Mattermost Confluence Plugin does not verify user access to a channel, allowing attackers to create channel subscriptions without proper authorization via an API call to th...

4CVSS7.1AI score0.00184EPSS
Exploits0References10
Rows per page
Query Builder