CNNVD-202602-1009 Information
Feb 06, 2026
cve
CNNVD ID
CNNVD-202602-1009
Related CVE
- CNNVD Published: 2026-02-06
Description (Chinese)
Mattermost Confluence Plugin是美国Mattermost公司的一个插件。 Mattermost Confluence Plugin 1.7.0之前版本存在安全漏洞,该漏洞源于HTML模板渲染中未正确转义用户控制的显示名称,可能导致经过身份验证的攻击者执行任意JavaScript。
Description (English)
Mattermust Conflence Plugin is a plugin for the United States firm Mattermost. There was a security loophole in the previous version of Mattermust Confluence Plugin 1.7.0, which stemmed from the incorrect conversion of user-controlled display names in the HTML template rendering, which could lead to the execution of any JavaScript by the identified assailant.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Mattermost
Published
2026-02-06
Last Modified
2026-02-24
References
https://mattermost.com/security-updates
Patch
https://mattermost.com/security-updates/
Share on: