mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
797 B
797 B
CVE-2023-1421
&color=brighgreen)
Description
A reflected cross-site scripting vulnerability in the OAuth flow completion endpoints in Mattermost allows an attacker to send AJAX requests on behalf of the victim via sharing a crafted link with a malicious state parameter.
POC
Reference
Github
No PoCs found on GitHub currently.