Cross-Site Scripting in Mattermost Server Pre-2.2.0
CVE-2016-11082
6.1MEDIUM
Summary
A vulnerability has been found in Mattermost Server versions prior to 2.2.0 that allows attackers to execute cross-site scripting (XSS) through crafted links. This flaw enables malicious users to potentially manipulate webpage content, leading to unauthorized access or data theft. Users are strongly advised to upgrade to the latest version to mitigate risks associated with this vulnerability.
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved