CVE-2025-55073 MS Teams plugin OAuth allows editing arbitrary posts

Mattermost versions 10.11.x = 10.11.3, 10.5.x = 10.5.11, 10.12.x = 10.12.0 fail to validate the relationship between the post being updated and the MSTeams plugin OAuth flow which allows an attacker to edit arbitrary posts via a crafted MSTeams plugin OAuth redirect URL...

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an input validation error vulnerability that stems from Mattermost's inability to validate all parameters when creating scripts that run through the /dialog API, which can be...