CNNVD-202512-3258 Information
CNNVD ID
CNNVD-202512-3258
Related CVE
- CNNVD Published: 2025-12-17
Description (Chinese)
Mattermost是美国Mattermost公司的一个开源协作平台。 Mattermost 10.11.5及之前的10.11.x版本、11.0.4及之前的11.0.x版本和10.12.2及之前的10.12.x版本存在安全漏洞,该漏洞源于使用后未使邀请令牌失效,可能导致通过令牌重放攻击操纵频道成员资格。
Description (English)
Mattermost is an open-source collaborative platform for Mattermost in the United States. There is a security loophole in Mattermust 10.11.5 and earlier versions 10.11.x, 11.0.4 and earlier versions 11.0.x and 10.12.2 and earlier versions 10.12.x, which stems from the fact that the invitation badge was not invalidated after its use and could lead to the re-alignment of the attack to manipulate the channel membership.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Mattermost
Published
2025-12-17
Last Modified
2026-02-24
References
https://mattermost.com/security-updates https://access.redhat.com/security/cve/cve-2025-13324
Patch
https://mattermost.com/security-updates/
Share on: