Mattermost Jira Plugin fails to protect against logout CSRF allowing an attacker to post a specially crafted message that would disconnect a user's Jira connection in Mattermost only by viewing the message.
2024-02-09T15:15:08.133
2024-11-21T08:57:29.683
Modified
CVSSv3.1: 3.5 (LOW)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | mattermost | mattermost_server | ≤ 8.1.7 | Yes |