6.1
CVSSv3

CVE-2021-37860

Published: 22/09/2021 Updated: 05/10/2021
CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N

Vulnerability Summary

Mattermost 5.38 and previous versions fails to sufficiently sanitize clipboard contents, which allows a user-assisted malicious user to inject arbitrary web script in product deployments that explicitly disable the default CSP.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mattermost mattermost

Vendor Advisories

Mattermost 538 and earlier fails to sufficiently sanitize clipboard contents, which allows a user-assisted attacker to inject arbitrary web script in product deployments that explicitly disable the default CSP ...