Mattermost version 8.1.6 and earlier fails to sanitize channel mention data in posts, which allows an attacker to inject markup in the web client.
2023-12-29T13:15:11.930
2024-11-21T08:45:18.417
Modified
CVSSv3.1: 3.7 (LOW)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | mattermost | mattermost_server | < 8.1.7 | Yes |