Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/26 8:21 a.m.9 views

CVE-2025-24490

Mattermost versions 10.4.x = 10.4.1, 9.11.x = 9.11.7, 10.3.x = 10.3.2, 10.2.x = 10.2.2 fail to use prepared statements in the SQL query of boards reordering which allows an attacker to retrieve data from the database, via a SQL injection when reordering specially crafted boards categories...

9.6CVSS9.5AI score0.00418EPSS
Exploits0References1
Circl
Circl
added 2025/02/24 9:30 a.m.4 views

CVE-2025-24490

creationtimestamp| type| source ---|---|--- 2025-02-24 09:30:39+00:00| seen| Telegram/Vvd5MA2nmu0duCxF3bbKYEKWTKbzMFIp2pUAfan9WmCtw 2025-02-24 09:48:41+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114058233176053982 2025-02-24 10:26:03+00:00| seen|...

9.6CVSS4.8AI score0.00418EPSS
Exploits0References8
NVD
NVD
added 2025/02/24 8:15 a.m.13 views

CVE-2025-24490

Mattermost versions 10.4.x = 10.4.1, 9.11.x = 9.11.7, 10.3.x = 10.3.2, 10.2.x = 10.2.2 fail to use prepared statements in the SQL query of boards reordering which allows an attacker to retrieve data from the database, via a SQL injection when reordering specially crafted boards categories...

9.6CVSS0.00418EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/24 7:26 a.m.22 views

CVE-2025-24490 SQL Injection in Mattermost Boards via board category ID reordering

Mattermost versions 10.4.x = 10.4.1, 9.11.x = 9.11.7, 10.3.x = 10.3.2, 10.2.x = 10.2.2 fail to use prepared statements in the SQL query of boards reordering which allows an attacker to retrieve data from the database, via a SQL injection when reordering specially crafted boards categories...

9.6CVSS7.9AI score0.00418EPSS
Exploits0References1
Rows per page
Query Builder