CNNVD-202511-2935 Information
CNNVD ID
CNNVD-202511-2935
Related CVE
- CNNVD Published: 2025-11-27
Description (Chinese)
Mattermost是美国Mattermost公司的一个开源协作平台。 Mattermost存在安全漏洞,该漏洞源于OAuth状态令牌验证不足,可能导致账户接管。以下版本受到影响:10.12.1及之前的10.12.x版本、10.11.4及之前的10.11.x版本、10.5.12及之前的10.5.x版本和11.0.3及之前的11.0.x版本。
Description (English)
Mattermost is an open-source collaborative platform for Mattermost in the United States. There was a security loophole in Matermost, which stemmed from inadequate verification of the OAuth status token, which could lead to the account being taken over. The following versions have been affected: 10.12.1 and previous versions of 10.12.x, 10.11.4 and previous versions of 10.11.x, 10.5.12 and earlier versions of 10.5.x and 11.0.3 and previous versions of 11.0.x.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
Mattermost
Published
2025-11-27
Last Modified
2026-02-24
References
https://mattermost.com/security-updates https://access.redhat.com/security/cve/cve-2025-12419
Patch
https://mattermost.com/security-updates/
Share on: