Security Advisory

CVE-2026-1628

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-02 13:24:21

Last updated 2026-03-02 14:58:30

Assigner Mattermost

State PUBLISHED

Description

Mattermost Desktop App versions <=5.13.3 fail to attach listeners restricting navigation to external sites within the Mattermost app which allows a malicious server to expose preload script functionality to untrusted servers via having a user open an external link in their Mattermost server. Mattermost Advisory ID: MMSA-2026-00596

← Browse all CVEs View on cve.org ↗