Vulnerability Details CVE-2021-37859
Fixed a bypass for a reflected cross-site scripting vulnerability affecting OAuth-enabled instances of Mattermost.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.451
EPSS Ranking 97.5%
CVSS Severity
CVSS v3 Score 7.1
CVSS v2 Score 4.3
Products affected by CVE-2021-37859
-
cpe:2.3:a:mattermost:mattermost:5.34.0
-
cpe:2.3:a:mattermost:mattermost:5.34.1
-
cpe:2.3:a:mattermost:mattermost:5.34.2
-
cpe:2.3:a:mattermost:mattermost:5.34.3
-
cpe:2.3:a:mattermost:mattermost:5.34.4
-
cpe:2.3:a:mattermost:mattermost:5.35.0
-
cpe:2.3:a:mattermost:mattermost:5.35.1
-
cpe:2.3:a:mattermost:mattermost:5.35.2
-
cpe:2.3:a:mattermost:mattermost:5.35.3
-
cpe:2.3:a:mattermost:mattermost:5.36.0