Mattermost Confluence Plugin Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in the Mattermost Confluence Plugin, versions prior to 1.5.0. The issue arises because the plugin does not properly manage unexpected request bodies. This flaw allows attackers to crash the plugin by repeatedly sending invalid requests to the server's webhook endpoint.

Impact

Exploitation of this vulnerability leads to a crash of the Confluence plugin, causing a denial-of-service condition where the plugin becomes unresponsive or unavailable.

Added: Aug 11, 2025, 7:20 PM

Updated: Aug 11, 2025, 7:20 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mattermost Confluence Plugin Denial-of-Service Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating