CNNVD-202512-3288 Information

CNNVD ID

CNNVD-202512-3288

Related CVE

CVE-2025-62190

• CNNVD Published: 2025-12-17

Description (Chinese)

Mattermost是美国Mattermost公司的一个开源协作平台。 Mattermost存在安全漏洞，该漏洞源于Calls部件页面缺少CSRF保护，可能导致攻击者发起呼叫并向频道或直接消息注入消息。

Description (English)

Mattermost is an open-source collaborative platform for Mattermost in the United States. There is a security loophole in Matermost, which stems from the lack of CSRF protection on the Calls widget page, which may lead to calls from the attackers and the infusion of news on the channel or direct news.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Mattermost

Published

2025-12-17

Last Modified

2026-02-24

References

https://mattermost.com/security-updates

Patch

https://mattermost.com/security-updates/