CVE-2021-37860 in Mattermost
要約
〜によって MITRE • 2021年09月23日
Mattermost 5.38 and earlier fails to sufficiently sanitize clipboard contents, which allows a user-assisted attacker to inject arbitrary web script in product deployments that explicitly disable the default CSP.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.