Cross-Site Scripting (XSS)
Discription
github.com/mattermost/mattermost-server is vulnerable to Cross-Site Scripting (XSS) attacks. An attacker is able to send AJAX requests on behalf of the victim through OAuth flow completion endpoints via sharing a crafted link with a malicious state parameter.Read More
References
Back to Main
