CVE-2021-37860 in Mattermost
요약
\~에 의해 MITRE • 2021. 09. 23.
Mattermost 5.38 and earlier fails to sufficiently sanitize clipboard contents, which allows a user-assisted attacker to inject arbitrary web script in product deployments that explicitly disable the default CSP.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.