d:{"metadata":[["$","title","0",{"children":"CVE-2026-28735 — Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to validate the OAuth token scope on the callback which allows an authenticated Mattermost user to ga — CVE Database · The Intelligence Room"}],["$","meta","1",{"name":"description","content":"Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to validate the OAuth token scope on the callback which…"}],["$","meta","2",{"name":"application-name","content":"The Intelligence Room"}],["$","link","3",{"rel":"author","href":"https://cryptobit.com"}],["$","meta","4",{"name":"author","content":"Cryptobit"}],["$","link","5",{"rel":"manifest","href":"/manifest.webmanifest","crossOrigin":"$undefined"}],["$","meta","6",{"name":"creator","content":"Cryptobit"}],["$","meta","7",{"name":"publisher","content":"Cryptobit"}],["$","meta","8",{"name":"robots","content":"index, follow"}],["$","link","9",{"rel":"canonical","href":"https://cryptobit.com/cve/CVE-2026-28735"}],["$","meta","10",{"property":"og:title","content":"CVE-2026-28735 — Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to validate the OAuth token scope on the callback which allows an authenticated Mattermost user to ga"}],["$","meta","11",{"property":"og:description","content":"Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to validate the OAuth token scope on the callback which…"}],["$","meta","12",{"property":"og:url","content":"https://cryptobit.com/cve/CVE-2026-28735"}],["$","meta","13",{"property":"og:locale","content":"en"}],["$","meta","14",{"property":"og:type","content":"article"}],["$","meta","15",{"property":"article:published_time","content":"2026-05-22T17:16:46Z"}],["$","meta","16",{"property":"article:modified_time","content":"2026-05-22T19:28:09Z"}],["$","meta","17",{"name":"twitter:card","content":"summary_large_image"}],["$","meta","18",{"name":"twitter:title","content":"CVE-2026-28735 — Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to validate the OAuth token scope on the callback which allows an authenticated Mattermost user to ga"}],["$","meta","19",{"name":"twitter:description","content":"Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to validate the OAuth token scope on the callback which…"}],["$","link","20",{"rel":"icon","href":"/icon.svg","type":"image/svg+xml"}],["$","link","21",{"rel":"apple-touch-icon","href":"/apple-icon.svg","sizes":"180x180","type":"image/svg+xml"}],["$","$L22","22",{}]],"error":null,"digest":"$undefined"}