CVE-2025-49221
Mattermost Confluence Plugin version <1.5.0 fails to enforce authentication of the user to the Mattermost instance which allows unauthenticated attackers to access subscription details without via API call to GET subscription endpoint.
Vendor
Product
CWE
Yayın Tarihi
2025-08-11 19:15:28
Güncelleme
2025-09-24 20:44:19
Source Identifier
responsibledisclosure@mattermost.com
KEV Date Added
-