Vulnerability Details CVE-2025-8285
Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the channel which allows attackers to create channel subscription without proper access to the channel via API call to the create channel subscription endpoint.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.2%
CVSS Severity
CVSS v3 Score 4.0
References
Products affected by CVE-2025-8285
-
cpe:2.3:a:mattermost:confluence:*