Mattermost Confluence Plugin — Vulnerabilities & Security Advisories

All 14 CVE vulnerabilities found in Mattermost Confluence Plugin, with AI-generated Chinese analysis, references, and POCs.

Vendor: Mattermost

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2025-13523 | Cross-Site Scripting (XSS) via Unescaped Display Names in Mattermost Confluence Plugin OAuth2 Flow | CWE-79 | 7.7 | High | 2026-02-06 |
| CVE-2025-8285 | Unauthorized Channel Subscription Creation in Mattermost Confluence Plugin | CWE-862 | 4.0 | Medium | 2025-08-11 |
| CVE-2025-54525 | Unexpected input to Create Channel Subscription endpoint causes DoS in Mattermost Confluence Plugin | CWE-1287 | 7.5 | High | 2025-08-11 |
| CVE-2025-54478 | Unauthenticated Channel Subscription Edit in Mattermost Confluence Plugin | CWE-306 | 7.2 | High | 2025-08-11 |
| CVE-2025-54463 | Unexpected Input to Cloud Webhook endpoint Causes DoS in Mattermost Confluence Plugin | CWE-754 | 5.9 | Medium | 2025-08-11 |
| CVE-2025-54458 | Unauthorized Subscription Creation to Confluence Space in Mattermost Confluence Plugin | CWE-862 | 5.0 | Medium | 2025-08-11 |
| CVE-2025-53910 | Unauthorized Channel Subscription Edit in Mattermost Confluence Plugin | CWE-862 | 4.0 | Medium | 2025-08-11 |
| CVE-2025-53514 | Unexpected Input to Server Webhook endpoint Causes DoS in Mattermost Confluence Plugin | CWE-754 | 5.9 | Medium | 2025-08-11 |
| CVE-2025-53857 | Lack of Authorization on Get Channel Subscriptions for Autocomplete in Mattermost Confluence Plugin | CWE-862 | 3.7 | Low | 2025-08-11 |
| CVE-2025-52931 | Unexpected input to Update Channel Subscription endpoint causes DoS in Mattermost Confluence Plugin | CWE-754 | 7.5 | High | 2025-08-11 |
| CVE-2025-49221 | Unauthenticated Access to Channel Subscription in Mattermost Confluence Plugin | CWE-862 | 3.7 | Low | 2025-08-11 |
| CVE-2025-48731 | Unauthorized Subscription Edit to Confluence Space in Mattermost Confluence Plugin | CWE-862 | 6.4 | Medium | 2025-08-11 |
| CVE-2025-44004 | Unauthenticated Channel Subscription Creation in Mattermost Confluence Plugin | CWE-306 | 7.2 | High | 2025-08-11 |
| CVE-2025-44001 | Unauthorized Channel Subscription Read in Mattermost Confluence Plugin | CWE-862 | 4.0 | Medium | 2025-08-11 |

All 14 known CVE vulnerabilities affecting Mattermost Confluence Plugin with full Chinese analysis, references, and POCs where available.