CNNVD-202509-2250 Information

CNNVD ID

CNNVD-202509-2250

CVE-2025-9084

  • CNNVD Published: 2025-09-15

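Description (translated from Chinese)

Mattermost is an open-source collaboration platform from the US company Mattermost. Mattermost 10.5.9 and earlier 10.5.x versions contain a security vulnerability. It stems from a failure to properly validate the redirect URL and may allow an attacker to redirect users to a malicious site through a specially crafted OAuth login URL.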

Description (English)

Mattermost is an open-source collaboration platform developed by Mattermost, a company based in the United States. Mattermost 10.5.9 and earlier 10.5.x versions have a security vulnerability caused by incorrect validation of the redirect URL, which may let an attacker redirect a user to a malicious site by means of a specially crafted OAuth login URL.

Hazard Level

Critical

Vulnerability Type

Other

Affected Vendor

Matthias Van Woensel

Published

2025-09-15

Last Modified

2026-02-24

References

https://mattermost.com/security-updates

Patch

https://mattermost.com/security-updates/
