CVE-2025-47700

Mattermost Server versions 10.5.x = 10.5.9 utilizing the Agents plugin fail to reject empty request bodies which allows users to trick users into clicking malicious links via post actions...

PT-2025-34196 · Mattermost · Mattermost Server +1

Name of the Vulnerable Software and Affected Versions: Mattermost Server versions 10.5.0 through 10.5.9 Description: Mattermost Server versions 10.5.x up to and including 10.5.9, when utilizing the Agents plugin, do not reject empty request bodies. This allows users to potentially trick others in...