Lucene search
+L

6 matches found

SUSE CVE
SUSE CVE
added 2025/01/15 3:48 a.m.3 views

SUSE CVE-2025-22449

Mattermost versions 9.11.x = 9.11.5 fail to enforce invite permissions, which allows team admins, with no permission to invite users to their team, to invite users by updating the "allowopeninvite" field via making their team public...

3.8CVSS6.9AI score0.00273EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/01/10 8:50 p.m.9 views

CVE-2025-22449

Mattermost versions 9.11.x = 9.11.5 fail to enforce invite permissions, which allows team admins, with no permission to invite users to their team, to invite users by updating the "allowopeninvite" field via making their team public...

3.8CVSS6.6AI score0.00273EPSS
Exploits0References4
Chainguard
Chainguard
added 2025/01/09 7:15 a.m.9 views

CVE-2025-22449 vulnerabilities

Vulnerabilities for packages: mattermost-fips...

3.8CVSS5.9AI score0.00273EPSS
Exploits0
Circl
Circl
added 2025/01/09 6:57 a.m.7 views

CVE-2025-22449

creationtimestamp| type| source ---|---|--- 2025-01-09 06:57:26+00:00| seen| https://infosec.exchange/users/cve/statuses/113797093478066074 2025-01-09 07:00:51+00:00| seen| https://infosec.exchange/users/cve/statuses/113797106903236698 2025-01-09 07:16:21+00:00| seen|...

3.8CVSS5.6AI score0.00273EPSS
Exploits0References5
CVE
CVE
added 2025/01/09 6:54 a.m.264 views

CVE-2025-22449

Mattermost Server 9.11.x ≤ 9.11.5 suffers an improper access-control flaw where team admins lacking invite permission can add users by toggling the allow_open_invite flag when a team is made public. Root cause: failure to enforce invite permissions. Affected feature/file: invite mechanism via all...

3.8CVSS4.3AI score0.00273EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/09 6:54 a.m.11 views

CVE-2025-22449 Access control flaw for team admins allows unauthorized team additions

Mattermost versions 9.11.x = 9.11.5 fail to enforce invite permissions, which allows team admins, with no permission to invite users to their team, to invite users by updating the "allowopeninvite" field via making their team public...

3.8CVSS4.2AI score0.00273EPSS
Exploits0References1
Rows per page
Query Builder