d:{"metadata":[["$","title","0",{"children":"CVE-2026-6333 — Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to validate the Host header when constructing response URLs for custom slash commands which allows an authenticated attacker to redirect — CVE Database · The Intelligence Room"}],["$","meta","1",{"name":"description","content":"Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to validate the Host header when constructing response URLs for custom slash commands which…"}],["$","meta","2",{"name":"application-name","content":"The Intelligence Room"}],["$","link","3",{"rel":"author","href":"https://cryptobit.com"}],["$","meta","4",{"name":"author","content":"Cryptobit"}],["$","link","5",{"rel":"manifest","href":"/manifest.webmanifest","crossOrigin":"$undefined"}],["$","meta","6",{"name":"creator","content":"Cryptobit"}],["$","meta","7",{"name":"publisher","content":"Cryptobit"}],["$","meta","8",{"name":"robots","content":"index, follow"}],["$","link","9",{"rel":"canonical","href":"https://cryptobit.com/cve/CVE-2026-6333"}],["$","meta","10",{"property":"og:title","content":"CVE-2026-6333 — Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to validate the Host header when constructing response URLs for custom slash commands which allows an authenticated attacker to redirect"}],["$","meta","11",{"property":"og:description","content":"Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to validate the Host header when constructing response URLs for custom slash commands which…"}],["$","meta","12",{"property":"og:url","content":"https://cryptobit.com/cve/CVE-2026-6333"}],["$","meta","13",{"property":"og:locale","content":"en"}],["$","meta","14",{"property":"og:type","content":"article"}],["$","meta","15",{"property":"article:published_time","content":"2026-05-18T09:16:23Z"}],["$","meta","16",{"property":"article:modified_time","content":"2026-05-19T17:51:43Z"}],["$","meta","17",{"name":"twitter:card","content":"summary_large_image"}],["$","meta","18",{"name":"twitter:title","content":"CVE-2026-6333 — Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to validate the Host header when constructing response URLs for custom slash commands which allows an authenticated attacker to redirect"}],["$","meta","19",{"name":"twitter:description","content":"Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to validate the Host header when constructing response URLs for custom slash commands which…"}],["$","link","20",{"rel":"icon","href":"/icon.svg","type":"image/svg+xml"}],["$","link","21",{"rel":"apple-touch-icon","href":"/apple-icon.svg","sizes":"180x180","type":"image/svg+xml"}],["$","$L22","22",{}]],"error":null,"digest":"$undefined"}