exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2

CVE-2025-13523

3 дня назад

Mattermost Confluence plugin version <1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names to execute arbitrary JavaScript in victim browsers via sending a specially crafted OAuth2 connection link that, when visited, renders the attacker's display name without proper sanitization. Mattermost Advisory ID: MMSA-2025-00557

CVSS3: 7.7

EPSS: Низкий

GHSA-ffx7-34p2-vm3w

3 дня назад

Mattermost Confluence plugin doesn't properly escape user-controlled display names in HTML template rendering

CVSS3: 7.7

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2025-13523 Mattermost Confluence plugin version <1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names to execute arbitrary JavaScript in victim browsers via sending a specially crafted OAuth2 connection link that, when visited, renders the attacker's display name without proper sanitization. Mattermost Advisory ID: MMSA-2025-00557	CVSS3: 7.7	0% Низкий	3 дня назад
	GHSA-ffx7-34p2-vm3w Mattermost Confluence plugin doesn't properly escape user-controlled display names in HTML template rendering	CVSS3: 7.7	0% Низкий	3 дня назад

Уязвимостей на страницу