Unauthorized Subscription Edit to Confluence Space in Mattermost Confluence Plugin
Description
Mattermost Confluence Plugin versions before 1.5.0 fail to check the user's access to the Confluence space, which allows attackers to edit a subscription for a Confluence space the user does not have access to via the edit subscription endpoint.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Mattermost Confluence Plugin before 1.5.0 lacks access control checks, allowing attackers to edit subscriptions for Confluence spaces they do not have permission to access.
Vulnerability
Description
The Mattermost Confluence Plugin versions prior to 1.5.0 fail to verify whether a user has the necessary access rights to a Confluence space when processing subscription edit requests. This authorization bypass occurs in the edit subscription endpoint, which does not validate the user's permissions against the target Confluence space [1].
Exploitation
An attacker who is an authenticated Mattermost user with access to the plugin's subscription management functionality can exploit this flaw. By sending a crafted request to the edit subscription endpoint, the attacker can modify subscriptions for any Confluence space, regardless of their actual access permissions. No special network position or additional privileges are required beyond standard Mattermost access [1][2].
Impact
Successful exploitation allows an attacker to alter subscription configurations for Confluence spaces they should not have access to. This could lead to unauthorized notifications being sent to Mattermost channels, modification of subscription aliases, or other changes that affect how Confluence events are relayed to users [2].
Mitigation
The vulnerability is fixed in Mattermost Confluence Plugin version 1.5.0. Users should upgrade to this version or later to prevent unauthorized subscription edits [1].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
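The authorization gap described above, shown in a Go example added here (this is not code from the Mattermost Confluence Plugin, and the page does not show the plugin's real types or where the 1.5.0 fix lands): a hypothetical subscription store with an unchecked edit handler beside a hardened one that asks a SpaceAccessChecker whether the caller may see the space before applying the change. Every name in it (Subscription, SpaceAccessChecker, staticAccess, SubscriptionStore, the sample users alice and bob, the space keys ENG and HR, the alias eng-alerts) is an assumption constructed for the example.

```go
package main

import (
	"errors"
	"fmt"
)

// Subscription is a simplified, hypothetical model of a Confluence-space
// subscription; it is not the plugin's own type.
type Subscription struct {
	Alias    string
	SpaceKey string
	Events   []string
}

// SpaceAccessChecker answers "may this Mattermost user see this Confluence
// space?". A real plugin would ask Confluence using the user's own credentials.
type SpaceAccessChecker interface {
	UserCanAccessSpace(userID, spaceKey string) bool
}

// staticAccess is a constructed in-memory checker used only for this example.
type staticAccess map[string]map[string]bool

func (s staticAccess) UserCanAccessSpace(userID, spaceKey string) bool {
	return s[userID][spaceKey]
}

var (
	ErrNotFound  = errors.New("subscription not found")
	ErrForbidden = errors.New("caller may not access that Confluence space")
)

// SubscriptionStore holds subscriptions keyed by alias.
type SubscriptionStore struct {
	subs   map[string]Subscription
	access SpaceAccessChecker
}

// EditSubscriptionUnchecked shows the vulnerable shape: being an authenticated
// Mattermost user is the only gate, so any user can rewrite any subscription.
func (s *SubscriptionStore) EditSubscriptionUnchecked(userID, alias string, updated Subscription) error {
	if _, ok := s.subs[alias]; !ok {
		return ErrNotFound
	}
	updated.Alias = alias // the alias is the key; the body cannot rename it
	s.subs[alias] = updated
	return nil
}

// EditSubscription is the hardened shape: the caller must be allowed to see the
// space the subscription targets now and, if it is being moved, the new one too.
func (s *SubscriptionStore) EditSubscription(userID, alias string, updated Subscription) error {
	existing, ok := s.subs[alias]
	if !ok {
		return ErrNotFound
	}
	if !s.access.UserCanAccessSpace(userID, existing.SpaceKey) {
		return ErrForbidden
	}
	if updated.SpaceKey != existing.SpaceKey &&
		!s.access.UserCanAccessSpace(userID, updated.SpaceKey) {
		return ErrForbidden
	}
	updated.Alias = alias
	s.subs[alias] = updated
	return nil
}

// Get returns the subscription stored under alias, if any.
func (s *SubscriptionStore) Get(alias string) (Subscription, bool) {
	sub, ok := s.subs[alias]
	return sub, ok
}

// newExampleStore builds constructed sample data: alice may see space ENG,
// bob may only see space HR, and one subscription "eng-alerts" targets ENG.
func newExampleStore() *SubscriptionStore {
	return &SubscriptionStore{
		subs: map[string]Subscription{
			"eng-alerts": {Alias: "eng-alerts", SpaceKey: "ENG", Events: []string{"page_created"}},
		},
		access: staticAccess{
			"alice": {"ENG": true},
			"bob":   {"HR": true},
		},
	}
}

func main() {
	store := newExampleStore()
	change := Subscription{SpaceKey: "ENG", Events: []string{"page_created", "comment_created"}}

	// bob cannot see ENG; the unchecked handler lets him edit the subscription anyway.
	fmt.Println("unchecked, bob:", store.EditSubscriptionUnchecked("bob", "eng-alerts", change))
	// The hardened handler refuses him and accepts alice.
	fmt.Println("checked, bob:  ", store.EditSubscription("bob", "eng-alerts", change))
	fmt.Println("checked, alice:", store.EditSubscription("alice", "eng-alerts", change))
}
```

Run it with `go run .`; the first line prints `<nil>` (the edit went through for a user who cannot see the space), the second prints the forbidden error, the third `<nil>`. The check is applied to both the current and the target space so that an edit cannot be used to point a subscription at a space the caller cannot see; a production handler may also want to collapse not-found and forbidden into one response so that the endpoint does not reveal which aliases exist.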
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| github.com/mattermost/mattermost-plugin-confluence (Go) | < 1.5.0 | 1.5.0 |
Affected products (2)
- Range: <1.5.0
- Mattermost/Mattermost Confluence Plugin v5, Range: 0
Patches (0)
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References (3)
- github.com/advisories/GHSA-cmpr-8prq-w5p5 (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2025-48731 (ghsa, ADVISORY)
- mattermost.com/security-updates (ghsa, WEB)
News mentions (0)
No linked articles in our index yet.