CVE Details: CVE-2024-23319

Description

Mattermost Jira Plugin fails to protect against logout CSRF allowing an attacker to post a specially crafted message that would disconnect a user's Jira connection in Mattermost only by viewing the message.

Published Date: 2024-02-09
Last Modified Date: 2024-02-15
Severity: LOW
CVSS v3 Score: 3.5
CWE ID: CWE-352
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: LOW

Back to CVE List