CVE-2024-2445 Information

Description

Mattermost Jira plugin versions shipped with Mattermost versions 8.1.x before 8.1.10 9.2.x before 9.2.6 9.3.x before 9.3.2 and 9.4.x before 9.4.3 fail to escape user-controlled outputs when generating HTML pages which allows an attacker to perform reflected cross-site scripting attacks against the users of the Mattermost server.

Reference

https://mattermost.com/security-updates