14 matches found
CVE-2025-44001
CVE-2025-44001 concerns the Mattermost Confluence Plugin where versions
CVE-2025-53514
Mattermost Confluence Plugin (versions
CVE-2025-49221
The CVE-2025-49221 issue affects Mattermost Confluence Plugin versions
CVE-2025-54463
Mattermost Confluence Plugin (github.com/mattermost/mattermost-plugin-confluence) versions
CVE-2025-53857
Mattermost Confluence Plugin
CVE-2025-54458
Mattermost Confluence Plugin vulnerability CVE-2025-54458: versions = 1.5.0 or apply vendor-provided fix as available.
CVE-2025-44004
Affected: Mattermost Confluence Plugin (
CVE-2025-53910
The CVE concerns Mattermost Confluence Plugin prior to 1.5.0, where API calls to edit channel subscriptions do not properly verify user access to the channel. This enables creation of a channel subscription without proper channel access. No exploitation details or fixes are provided in the connec...
CVE-2025-54525
Mattermost Confluence Plugin (github.com/mattermost/mattermost-plugin-confluence) is affected by CVE-2025-54525. Versions older than 1.5.0 fail to properly handle an unexpected request body to the create channel subscription endpoint, which can cause the plugin to crash (DoS) under constant inval...
CVE-2025-8285
Mattermost Confluence Plugin has a Missing Authorization vulnerability in versions
CVE-2025-54478
Summary (CVE-2025-54478): Mattermost Confluence Plugin (versions
CVE-2025-52931
Mattermost Confluence Plugin has a DoS vulnerability (CVE-2025-52931) in versions
CVE-2025-48731
Summary : CVE-2025-48731 affects Mattermost Confluence Plugin versions
CVE-2025-13523
CVE-2025-13523 affects Mattermost Confluence plugin versions prior to 1.7.0. The root cause is improper escaping of user-controlled display names during HTML template rendering. This allows authenticated Confluence users with malicious display names to trigger arbitrary JavaScript execution in a ...