| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-13523 | Cross-Site Scripting (XSS) via Unescaped Display Names in Mattermost Confluence Plugin OAuth2 Flow | Mattermost | Mattermost Confluence Plugin | High | 7.7 | 2026-02-06 15:52:31 | Deep Dive |
| CVE-2025-22166 | Atlassian Confluence Data Center and Server 安全漏洞 | Atlassian | Confluence Data Center | - | - | 2025-10-21 16:00:06 | Deep Dive |
| CVE-2025-8285 | Unauthorized Channel Subscription Creation in Mattermost Confluence Plugin | Mattermost | Mattermost Confluence Plugin | Medium | 4.0 | 2025-08-11 18:57:08 | Deep Dive |
| CVE-2025-54525 | Unexpected input to Create Channel Subscription endpoint causes DoS in Mattermost Confluence Plugin | Mattermost | Mattermost Confluence Plugin | High | 7.5 | 2025-08-11 18:57:07 | Deep Dive |
| CVE-2025-54478 | Unauthenticated Channel Subscription Edit in Mattermost Confluence Plugin | Mattermost | Mattermost Confluence Plugin | High | 7.2 | 2025-08-11 18:57:06 | Deep Dive |
| CVE-2025-54463 | Unexpected Input to Cloud Webhook endpoint Causes DoS in Mattermost Confluence Plugin | Mattermost | Mattermost Confluence Plugin | Medium | 5.9 | 2025-08-11 18:57:05 | Deep Dive |
| CVE-2025-54458 | Unauthorized Subscription Creation to Confluence Space in Mattermost Confluence Plugin | Mattermost | Mattermost Confluence Plugin | Medium | 5.0 | 2025-08-11 18:57:05 | Deep Dive |
| CVE-2025-53910 | Unauthorized Channel Subscription Edit in Mattermost Confluence Plugin | Mattermost | Mattermost Confluence Plugin | Medium | 4.0 | 2025-08-11 18:57:03 | Deep Dive |
| CVE-2025-53857 | Lack of Authorization on Get Channel Subscriptions for Autocomplete in Mattermost Confluence Plugin | Mattermost | Mattermost Confluence Plugin | Low | 3.7 | 2025-08-11 18:57:02 | Deep Dive |
| CVE-2025-53514 | Unexpected Input to Server Webhook endpoint Causes DoS in Mattermost Confluence Plugin | Mattermost | Mattermost Confluence Plugin | Medium | 5.9 | 2025-08-11 18:57:02 | Deep Dive |
| CVE-2025-52931 | Unexpected input to Update Channel Subscription endpoint causes DoS in Mattermost Confluence Plugin | Mattermost | Mattermost Confluence Plugin | High | 7.5 | 2025-08-11 18:57:01 | Deep Dive |
| CVE-2025-49221 | Unauthenticated Access to Channel Subscription in Mattermost Confluence Plugin | Mattermost | Mattermost Confluence Plugin | Low | 3.7 | 2025-08-11 18:57:00 | Deep Dive |
| CVE-2025-48731 | Unauthorized Subscription Edit to Confluence Space in Mattermost Confluence Plugin | Mattermost | Mattermost Confluence Plugin | Medium | 6.4 | 2025-08-11 18:56:59 | Deep Dive |
| CVE-2025-44004 | Unauthenticated Channel Subscription Creation in Mattermost Confluence Plugin | Mattermost | Mattermost Confluence Plugin | High | 7.2 | 2025-08-11 18:56:58 | Deep Dive |
| CVE-2025-44001 | Unauthorized Channel Subscription Read in Mattermost Confluence Plugin | Mattermost | Mattermost Confluence Plugin | Medium | 4.0 | 2025-08-11 18:56:57 | Deep Dive |
| CVE-2023-22512 | Atlassian Confluence 安全漏洞 | Atlassian | Confluence Data Center | 高危 | - | 2025-03-17 22:34:43 | Deep Dive |
| CVE-2025-27604 | XWiki Confluence Migrator Pro's homepage is public | xwikisas | application-confluence-migrator-pro | High | 7.5 | 2025-03-07 16:11:32 | Deep Dive |
| CVE-2025-27603 | XWiki Confluence Migrator Pro allows Remote Code Execution via unescaped translations | xwikisas | application-confluence-migrator-pro | Critical | 9.1 | 2025-03-07 16:06:40 | Deep Dive |
| CVE-2024-21703 | Atlassian Confluence Data Center and Server 安全漏洞 | Atlassian | Confluence Data Center | 中危 | - | 2024-11-27 17:00:02 | Deep Dive |
| CVE-2024-21690 | Atlassian Confluence Data Center and Server 安全漏洞 | Atlassian | Confluence Data Center | - | - | 2024-08-21 16:05:00 | Deep Dive |