Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2025/05/22 12:0 a.m.13 views

Mattermost Server 9.11.x < 9.11.12 / 10.4.x < 10.4.5 / 10.5.x < 10.5.3 / 10.6.x < 10.6.2 (MMSA-2025-00459)

The version of Mattermost Server installed on the remote host is prior to 9.11.12, 10.4.5, 10.5.3, or 10.6.2. It is, therefore, affected by a vulnerability as referenced in the MMSA-2025-00459 advisory. - Mattermost versions 10.6.x = 10.6.1, 10.5.x = 10.5.2, 10.4.x = 10.4.4, 9.11.x = 9.11.11 fail...

4.3CVSS5.6AI score0.00198EPSS
Exploits0References2
NVD
NVD
added 2025/05/15 11:15 a.m.14 views

CVE-2025-3446

Mattermost versions 10.6.x = 10.6.1, 10.5.x = 10.5.2, 10.4.x = 10.4.4, 9.11.x = 9.11.11 fail to check the correct permissions which allows authenticated users who only have permission to invite non-guest users to a team to add guest users to that team via the API to add a single user to a team...

4.3CVSS0.00198EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/15 10:43 a.m.8 views

CVE-2025-3446 Members Without Guest Invite Permissions Can Add Guests to Teams

Mattermost versions 10.6.x = 10.6.1, 10.5.x = 10.5.2, 10.4.x = 10.4.4, 9.11.x = 9.11.11 fail to check the correct permissions which allows authenticated users who only have permission to invite non-guest users to a team to add guest users to that team via the API to add a single user to a team...

4.3CVSS6.6AI score0.00198EPSS
Exploits0References1
CVE
CVE
added 2025/05/15 10:43 a.m.49 views

CVE-2025-3446

Summary: Mattermost versions 10.6.x &lt;= 10.6.1, 10.5.x &lt;= 10.5.2, 10.4.x &lt;= 10.4.4, 9.11.x

4.3CVSS6.6AI score0.00198EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/05/15 10:43 a.m.16 views

CVE-2025-3446 Members Without Guest Invite Permissions Can Add Guests to Teams

Mattermost versions 10.6.x = 10.6.1, 10.5.x = 10.5.2, 10.4.x = 10.4.4, 9.11.x = 9.11.11 fail to check the correct permissions which allows authenticated users who only have permission to invite non-guest users to a team to add guest users to that team via the API to add a single user to a team...

4.3CVSS0.00198EPSS
Exploits0References1
Rows per page
Query Builder