Mattermost · Mattermost · CVE-2026-3495
**Name of the Vulnerable Software and Affected Versions**
Mattermost versions 11.5.0 through 11.5.1
Mattermost versions 10.11.0 through 10.11.13
**Description**
Failure to escape certain variables during the composition of error pages allows an attacker with permissions to edit site configurations to execute malicious code by injecting JavaScript into those values.
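The flaw class described above, as an added example that is not Mattermost's code: it composes an error page from administrator-set values first by string concatenation and then with Go's `html/template`, which escapes each value for its HTML context. The struct, field names and function names are hypothetical, since the advisory does not identify the affected variables or the page-rendering code.

```go
package main

import (
	"bytes"
	"fmt"
	"html/template"
	"strings"
)

// errorPageData holds values an administrator can set in site configuration.
// Field names are hypothetical; the advisory does not name the affected variables.
type errorPageData struct {
	SiteLabel string
	Message   string
}

// renderUnsafe reproduces the flaw class: config values are concatenated
// into markup with no escaping, so any tags they contain become live HTML.
func renderUnsafe(d errorPageData) string {
	return "<h1>" + d.SiteLabel + "</h1><p>" + d.Message + "</p>"
}

var errorTmpl = template.Must(template.New("error").Parse(
	`<h1>{{.SiteLabel}}</h1><p>{{.Message}}</p>`))

// renderSafe uses html/template, which escapes each value for the HTML
// context it lands in, so markup in a config value is rendered as text.
func renderSafe(d errorPageData) (string, error) {
	var buf bytes.Buffer
	if err := errorTmpl.Execute(&buf, d); err != nil {
		return "", err
	}
	return buf.String(), nil
}

// containsActiveScript reports whether an unescaped <script tag survived rendering.
func containsActiveScript(page string) bool {
	return strings.Contains(strings.ToLower(page), "<script")
}

func main() {
	// Constructed sample input: a config value that carries markup.
	d := errorPageData{SiteLabel: `Acme<script>alert(1)</script>`, Message: "Page not found"}
	safe, _ := renderSafe(d)
	fmt.Println("unsafe page has live script:", containsActiveScript(renderUnsafe(d)))
	fmt.Println("safe page has live script:  ", containsActiveScript(safe))
	fmt.Println(safe)
}
```

A check like `containsActiveScript` over rendered error pages can serve as a regression test in a codebase that has fixed this kind of bug.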
**Recommendations**
Update versions 11.5.0 through 11.5.1 to a version later than 11.5.1.
Update versions 10.11.0 through 10.11.13 to a version later than 10.11.13.