Back to CVE List

CVE-2026-3495

LOW SEVERITY

CVSS Score & Metrics

Base Score
3.8 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

Vulnerability Description

Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to escape some variables that could contain malicious content during error page composition which allows an attacker with access to edit some site configuration to execute some malicious code via injecting some JS as part of those values.. Mattermost Advisory ID: MMSA-2026-00622

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-79
Source
NVD
Vendor
mattermost
Product
mattermost_server

External References

Discussion (0)

Add Comment

No comments yet. Be the first!