CVE-2023-7113

Опубликовано: 29 дек. 2023

Источник: debian

Описание

Mattermost version 8.1.6 and earlier fails to sanitize channel mention data in posts, which allows an attacker to inject markup in the web client.

Пакет	Статус	Версия исправления	Релиз	Тип
mattermost-server	itp			package

CVE-2023-7113

CVSS3: 3.7

nvd

около 2 лет назад

Mattermost version 8.1.6 and earlier fails to sanitize channel mention data in posts, which allows an attacker to inject markup in the web client.

GHSA-h3gq-j7p9-x3p4

CVSS3: 3.7

github

около 2 лет назад

Mattermost Cross-site Scripting vulnerability