Lucene search
GoogleOSV:CVE-2023-7113HistoryDec 29, 2023 - 1:15 p.m.
CVE-2023-7113
2023-12-2913:15:11
Google
osv.dev
3
mattermost
sanitization
injection
web client
cve-2023-7113
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.0005 Low
EPSS
Percentile
17.0%
Mattermost version 8.1.6 and earlier fails to sanitize channel mention data in posts, which allows an attacker to inject markup in the web client.
References
Related
cve
cve
CVE-2023-7113
2023-12-29 13:15:11
github
github
Mattermost Cross-site Scripting vulnerability
2023-12-29 15:30:36
veracode
veracode
Cross-site Scripting (XSS)
2024-01-02 08:45:27
osv
osv
CGA-pcxv-43r4-92mm
2024-06-24 14:34:06
BIT-mattermost-2023-7113
2024-03-06 10:56:23
Mattermost Cross-site Scripting vulnerability
2023-12-29 15:30:36
cvelist
cvelist
CVE-2023-7113
2023-12-29 12:46:13
nvd
nvd
CVE-2023-7113
2023-12-29 13:15:11
prion
prion
Code injection
2023-12-29 13:15:00
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.0005 Low
EPSS
Percentile
17.0%
Related for OSV:CVE-2023-7113