Medium severity6.5NVD Advisory· Published May 18, 2026· Updated Jun 5, 2026
CVE-2026-3471
CVE-2026-3471
Description
Mattermost Desktop App versions <=6.1 6.0.1 5.4.13.0 fail to prevent an invalid URL from loading in a pop-up window in the Mattermost Desktop App which allows a malicious server owner to repeated crash the application via calling {{window.open('javascript:alert()');}}. Mattermost Advisory ID: MMSA-2026-00618
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=6.1, 6.0.1, 5.4.13.0
Patches
Vulnerability mechanics
References
1- mattermost.com/security-updatesnvdVendor Advisory
News mentions
0No linked articles in our index yet.