CVE-2026-3495 | Mattermost up to 10.11.13/11.5.1 Configuration cross site scripting

A vulnerability classified as problematic has been found in Mattermost up to 10.11.13/11.5.1. The affected element is an unknown function of the component Configuration Handler. This manipulation causes cross site scripting.

This vulnerability is tracked as CVE-2026-3495. The attack is possible to be carried out remotely. No exploit exists.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More