CNNVD-202602-2294 Information

CNNVD ID

CNNVD-202602-2294

Related CVE

CVE-2026-22892

• CNNVD Published: 2026-02-13

Description (Chinese)

Mattermost是美国Mattermost公司的一个开源协作平台。 Mattermost 11.1.2及之前的11.1.x版本、10.11.9及之前的10.11.x版本和11.2.1及之前的11.2.x版本存在安全漏洞，该漏洞源于从Mattermost帖子创建Jira问题时未验证用户权限，可能导致经过身份验证的攻击者读取其无法访问的频道中的帖子内容和附件。

Description (English)

Mattermost is an open-source collaborative platform for Mattermost in the United States. 11.l.x 11.1.2 and earlier, 10.11.x and previous and 11.2.1 and previous versions 11.2.x have security loopholes, which stem from the lack of authentication of user privileges on the creation of Jira from the Matermost post and may lead to the search by the identity-verified assailants of the content of their messages and attachments on channels they cannot access.

Vulnerability Type

其他

Affected Vendor

Mattermost

Published

2026-02-13

Last Modified

2026-02-24

References

https://mattermost.com/security-updates

Patch

https://mattermost.com/security-updates