Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2023-1421

Опубликовано: 15 мар. 2023
Источник: debian

Описание

A reflected cross-site scripting vulnerability in the OAuth flow completion endpoints in Mattermost allows an attacker to send AJAX requests on behalf of the victim via sharing a crafted link with a malicious state parameter.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
mattermost-serveritppackage

Связанные уязвимости

nvd логотип

CVE-2023-1421

CVSS3: 3.5
nvd
почти 3 года назад

A reflected cross-site scripting vulnerability in the OAuth flow completion endpoints in Mattermost allows an attacker to send AJAX requests on behalf of the victim via sharing a crafted link with a malicious state parameter.

github логотип

GHSA-mq63-cgjw-m94m

CVSS3: 6.1
github
почти 3 года назад

A reflected cross-site scripting vulnerability in the OAuth flow completion endpoints in Mattermost allows an attacker to send AJAX requests on behalf of the victim via sharing a crafted link with a malicious state parameter.