{"id":"CVE-2025-54525","details":"Mattermost Confluence Plugin version \u003c1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to create channel subscription endpoint with an invalid request body.","aliases":["GHSA-3cg3-3mmr-w8hj","GO-2025-3872"],"modified":"2026-04-10T05:29:36.173960Z","published":"2025-08-11T19:15:30.353Z","related":["openSUSE-SU-2025:15469-1"],"references":[{"type":"ADVISORY","url":"https://mattermost.com/security-updates"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"1.5.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-54525.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}