CVE-2023-7113
published 2023-12-29CVE-2023-7113: Mattermost version 8.1.6 and earlier fails to sanitize channel mention data in posts, which allows an attacker to inject markup in the web client.
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
Mattermost version 8.1.6 and earlier fails to sanitize channel mention data in posts, which allows an attacker to inject markup in the web client.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | mattermost_mattermost_server_v8 | >= 0 < 8.1.7 | 8.1.7 |
| mattermost | mattermost | <= 8.1.6 | — |
| mattermost | mattermost_server | < 8.1.7 | 8.1.7 |