CNNVD-202511-1718 Information
CNNVD ID
CNNVD-202511-1718
Related CVE
- CNNVD Published: 2025-11-14
Description (Chinese)
Mattermost是美国Mattermost公司的一个开源协作平台。 Mattermost 10.11.3及之前的10.11.x版本、10.5.11及之前的10.5.x版本和10.12.0及之前的10.12.x版本存在安全漏洞,该漏洞源于未验证帖子更新与MSTeams插件OAuth流程的关系,可能导致攻击者通过特制URL编辑任意帖子。
Description (English)
Mattermost is an open-source collaborative platform for Mattermost in the United States. There is a security loophole in Mattermust 10.11.3 and earlier versions 10.11.x, 10.5.11 and earlier versions 10.5.x and 10.12.0 and earlier versions 10.12.x, which stems from the unverified update of the post in relation to the MSTeams plugin OAuth process, which may result in the aggressor editing randomly through a customized URL.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Mattermost
Published
2025-11-14
Last Modified
2026-02-24
References
https://mattermost.com/security-updates https://access.redhat.com/security/cve/cve-2025-55073
Patch
https://mattermost.com/security-updates/
Share on: