CVE-2025-25279 Arbitrary file read in Mattermost Boards via import & export board archive

Mattermost versions 10.4.x = 10.4.1, 9.11.x = 9.11.7, 10.3.x = 10.3.2, 10.2.x = 10.2.2 fail to properly validate board blocks when importing boards which allows an attacker could read any arbitrary file on the system via importing and exporting a specially crafted import archive in Boards...

PT-2023-14657 · WordPress · Webtoffee Wordpress Comments Import & Export

Name of the Vulnerable Software and Affected Versions: WebToffee WordPress Comments Import & Export versions 2.3.1 and earlier Description: The issue is related to the improper neutralization of formula elements in a CSV file. This can potentially lead to unintended consequences when importing or...