CVE-2025-49221 Information
Aug 12, 2025
cve
Description
Mattermost Confluence Plugin version <1.5.0 fails to enforce authentication of the user to the Mattermost instance which allows unauthenticated attackers to access subscription details without via API call to GET subscription endpoint.
Reference
https://mattermost.com/security-updates
Related CNNVD
CNNVD-202508-947 (Published: 2025-08-11)
Share on: