CVE-2025-54478 Information

Aug 12, 2025 cve

Description

Mattermost Confluence Plugin version <1.5.0 fails to enforce authentication of the user to the Mattermost instance which allows unauthenticated attackers to edit channel subscriptions via API call to the edit channel subscription endpoint.

Reference

https://mattermost.com/security-updates

CNNVD-202508-961 (Published: 2025-08-11)

Share on:

CVE-2025-54478 Information

Description

Reference

Related CNNVD