Primary

Context

Mattermost Confluence Plugin Authentication Bypass Vulnerability in Subscription Details Access

Vulnerability

An authentication bypass vulnerability has been identified in the Mattermost Confluence Plugin, specifically in versions prior to 1.5.0. This vulnerability allows unauthenticated attackers to access subscription details through an API call to the subscription endpoint.

Impact

Exploitation of this vulnerability allows unauthorized access to subscription details via the Mattermost API.

Remediation

Users can upgrade to Mattermost Confluence Plugin version 1.5.0 or later to address this vulnerability.

Added: Aug 11, 2025, 7:40 PM

Updated: Aug 11, 2025, 7:40 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mattermost Confluence Plugin Authentication Bypass Vulnerability in Subscription Details Access

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating