2 matches found
CVE-2025-13870
Mattermost versions 10.11.x = 10.11.4, 10.5.x = 10.5.12 fail to validate the user permission when accessing the files and subscribing to the block in Boards, which allows an authenticated user to access other board files and was able to subscribe to the block from other boards that the user does...
Mattermost Server 10.5.x <= 10.5.12 / 10.11.x <= 10.11.4 Improper Access Control (MMSA-2025-00517)
The version of Mattermost Server installed on the remote host is affected by a vulnerability as referenced in the MMSA-2025-00517 advisory. - Mattermost versions 10.11.x = 10.11.4, 10.5.x = 10.5.12 fail to validate the user permission when accessing the files and subscribing to the block in Board...