Mattermost Plugin Gitlab
by Mattermost
Source repositories
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-3117 | Med | 0.42 | 6.5 | 0.00 | May 18, 2026 | Mattermost Plugins versions <=11.5 11.1.5 10.13.11 11.3.4.0 fail to properly check for permissions when processing commands in the Gitlab plugin which allows normal users to uninstall instances or setup webhook connections via the {{gitlab instance {option}}} or the {{/gitlab… | ||
| CVE-2023-2797 | Low | 0.20 | 3.1 | 0.00 | Jun 16, 2023 | Mattermost fails to sanitize code permalinks, allowing an attacker to preview code from private repositories by posting a specially crafted permalink on a channel. |
- risk 0.42cvss 6.5epss 0.00
Mattermost Plugins versions <=11.5 11.1.5 10.13.11 11.3.4.0 fail to properly check for permissions when processing commands in the Gitlab plugin which allows normal users to uninstall instances or setup webhook connections via the {{gitlab instance {option}}} or the {{/gitlab…
- risk 0.20cvss 3.1epss 0.00
Mattermost fails to sanitize code permalinks, allowing an attacker to preview code from private repositories by posting a specially crafted permalink on a channel.