Primary

Context

Mattermost Confluence Plugin Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in the Mattermost Confluence Plugin, version prior to 1.5.0. The issue arises because the plugin fails to properly manage unexpected request bodies. This flaw allows attackers to crash the plugin by repeatedly sending invalid request bodies to the channel subscription update endpoint.

Impact

Exploitation of this vulnerability leads to a crash of the Confluence plugin, causing a denial-of-service condition where the plugin becomes unresponsive or unavailable.

Remediation

Users can upgrade to Mattermost Confluence Plugin version 1.5.0 or later to address this vulnerability.

Added: Aug 11, 2025, 7:34 PM

Updated: Aug 11, 2025, 7:34 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mattermost Confluence Plugin Denial-of-Service Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating