github.com/mattermost/mattermost-plugin-jira (Go) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Go package github.com/mattermost/mattermost-plugin-jira, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2025-14273 — CVSS 7.2 (high): Mattermost versions 11.1.x <= 11.1.0, 11.0.x <= 11.0.5, 10.12.x <= 10.12.3, 10.11.x <= 10.11.7 with the Jira plugin enabled and Mattermost…
CVE-2024-23319 — CVSS 3.5 (low): Mattermost Jira Plugin fails to protect against logout CSRF allowing an attacker to post a specially crafted message that would disconnect…
CVE-2024-24774 — CVSS 3.4 (low): Mattermost Jira Plugin handling subscriptions fails to check the security level of an incoming issue or limit it based on the user who…