CNNVD-202508-2638 Information

CNNVD ID

CNNVD-202508-2638

Related CVE

CVE-2025-53971

• CNNVD Published: 2025-08-21

Description (Chinese)

Mattermost是美国Mattermost公司的一个开源协作平台。 Mattermost 10.5.8及之前版本的10.5.x版本和9.11.17及之前版本的9.11.x版本存在安全漏洞，该漏洞源于未正确验证团队方案角色修改的授权，可能导致团队管理员将团队成员降级为访客。

Description (English)

Mattermost is an open-source collaborative platform for Mattermost in the United States. Mattermust 10.5.8 and previous versions of 10.5.x and 9.11.17 and earlier versions of 9.11.x contain security loopholes stemming from incorrect validation of the delegation of authority to change the role of the team programme, which may result in the team manager downgrading the team members to visitors.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

Mattermost

Published

2025-08-21

Last Modified

2026-02-24

References

https://mattermost.com/security-updates https://nvd.nist.gov/vuln/detail/CVE-2025-53971

Patch

https://mattermost.com/download/