CNNVD-202512-046 Information

CNNVD ID

CNNVD-202512-046

Related CVE

CVE-2025-12756

• CNNVD Published: 2025-12-01

Description (Chinese)

Mattermost是美国Mattermost公司的一个开源协作平台。 Mattermost存在安全漏洞，该漏洞源于删除评论时未验证用户权限，可能导致未经授权的评论删除。以下版本受到影响：11.0.x版本至11.0.2版本、10.12.x版本至10.12.1版本、10.11.x版本至10.11.4版本、10.5.x版本至10.5.12版本。

Description (English)

Mattermost is an open-source collaborative platform for Mattermost in the United States. There is a security loophole in Mattermost, which results from the absence of user permissions when comments are deleted and may lead to the deletion of unauthorized comments. The following versions were affected: 11.0.x to 11.02, 10.12.x to 10.12.1, 10.11.x to 10.11.4, 10.5.x to 10.5.12.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Mattermost

Published

2025-12-01

Last Modified

2026-02-24

References

https://mattermost.com/security-updates https://access.redhat.com/security/cve/cve-2025-12756

Patch

https://mattermost.com/security-updates