3 matches found
Mattermost Plugin Zoom fail to validate user identity and post ownership in the {{/api/v1/askPMI}} endpoint
Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 and Mattermost Plugin Zoom versions =1.11.0 fail to validate user identity and post ownership in the /api/v1/askPMI endpoint which allows unauthorized users to start Zoom meetings as any user and overwrite arbitrary posts via...
CVE-2026-0998
Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 and Mattermost Plugin Zoom versions =1.11.0 fail to validate user identity and post ownership in the /api/v1/askPMI endpoint which allows unauthorized users to start Zoom meetings as any user and overwrite arbitrary posts via...
PT-2026-8329
Name of the Vulnerable Software and Affected Versions Mattermost versions 11.1.x through 11.1.2 Mattermost versions 10.11.x through 10.11.9 Mattermost versions 11.2.x through 11.2.1 Mattermost Plugin Zoom versions through 1.11.0 Description The software does not properly validate user identity an...