Cross-Site Scripting (XSS) Vulnerability in Mattermost Server before 3.1.0
CVE-2016-11071 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
An issue was discovered in Mattermost Server before 3.1.0. It allows XSS because the noreferrer and noopener protection mechanisms were not in place.
Learn more about our Cis Benchmark Audit For Server Software.