6 matches found
Mattermost Server 9.11.x < 9.11.9 / 10.3.x < 10.3.4 / 10.4.x < 10.4.3 (MMSA-2025-00421)
The version of Mattermost Server installed on the remote host is prior to 9.11.9, 10.3.4, or 10.4.3. It is, therefore, affected by a vulnerability as referenced in the MMSA-2025-00421 advisory. - Mattermost versions 10.4.x = 10.4.2, 10.3.x = 10.3.3, 9.11.x = 9.11.8 fail to restrict command...
CVE-2025-25274
Mattermost versions 10.4.x = 10.4.2, 10.3.x = 10.3.3, 9.11.x = 9.11.8 fail to restrict command execution in archived channels, which allows authenticated users to run commands in archived channels...
CVE-2025-25274
creationtimestamp| type| source ---|---|--- 2025-03-21 11:48:06+00:00| seen| https://t.me/cvedetector/20805 2025-03-21 13:23:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkvcp4hvrj2m...
CVE-2025-25274 Unauthorized Command Execution in Archived Channels
Mattermost versions 10.4.x = 10.4.2, 10.3.x = 10.3.3, 9.11.x = 9.11.8 fail to restrict command execution in archived channels, which allows authenticated users to run commands in archived channels...
CVE-2025-25274
Mattermost Server contains a vulnerability CVE-2025-25274 in archived channels: versions 10.4.x (≤10.4.2), 10.3.x (≤10.3.3), and 9.11.x (≤9.11.8) fail to restrict command execution, allowing authenticated users to run commands in archived channels. Root cause is improper access control around arc...
CVE-2025-25274 Unauthorized Command Execution in Archived Channels
Mattermost versions 10.4.x = 10.4.2, 10.3.x = 10.3.3, 9.11.x = 9.11.8 fail to restrict command execution in archived channels, which allows authenticated users to run commands in archived channels...