← volver
CVE-2026-2476

MS Teams plugin sensitive config values not properly masked in support packets

CVSS 7.6 HIGHEPSS 0.2%CWE-200
Mattermost Plugins versions <=2.0.3.0 fail to properly mask sensitive configuration values which allows an attacker with access to support packets to obtain original plugin settings via exported configuration data. Mattermost Advisory ID: MMSA-2026-00606
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N
Productos afectados
Mattermost · Mattermost

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://mattermost.com/security-updates