CVE-2025-13523 | Mattermost Confluence Plugin up to 1.6.x Display Name cross site scripting

Inserito da Angelo Barbosa | Feb 6, 2026 | CVE

A vulnerability, which was classified as problematic, was found in Mattermost Confluence Plugin up to 1.6.x. Affected by this vulnerability is an unknown functionality of the component Display Name Handler. Such manipulation leads to cross site scripting.

This vulnerability is documented as CVE-2025-13523. The attack can be executed remotely. There is not any exploit available.

You should upgrade the affected component.

CVE-2025-13523 | Mattermost Confluence Plugin up to 1.6.x Display Name cross site scripting

Post correlati

CVE-2026-1194 | MineAdmin 1.x/2.x Swagger information disclosure

CVE-2024-4626 | JetWidgets for Elementor Plugin up to 1.0.17 on WordPress layout_type/id cross site scripting

CVE-2024-46865 | Linux Kernel up to 6.1.110/6.6.51/6.10.10 initialization

CVE-2024-50599 | Synacor Zimbra Collaboration Suite 8.8.15 Webmail Calendar Endpoint cross site scripting