CVE-2021-37859

Summary

Fixed a bypass for a reflected cross-site scripting vulnerability affecting OAuth-enabled instances of Mattermost.

Affected Software

VendorProductVersion RangeStatus
MattermostMattermost5.34.5unaffected
MattermostMattermost5.35.4unaffected
MattermostMattermost5.32.0 <= 5.36.0affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References