CGA-jf3g-gpv8-vm32

Published

Last updated

Package

mattermost-fips-10.7

Repository

Chainguard

Latest Update

Fixed

Fixed Version

10.7.1-r1

Aliases

Severity

Unknown

Mattermost Cross-site Scripting vulnerability

Mattermost version 8.1.6 and earlier fails to sanitize channel mention data in posts, which allows an attacker to inject markup in the web client.

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.