3 matches found
EUVD-2025-25420
Malicious code in bioql PyPI...
GHSA-QJ47-W9F2-QG44 Mattermost Does Not Sanitize the Team Invite ID
Mattermost versions 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17, 10.9.x = 10.9.2 fail to sanitize the team invite ID in the POST /api/v4/teams/:teamId/restore endpoint which allows an team admin with no member invite privileges to get the team’s invite id...
CVE-2025-47870
Mattermost Server contains a vulnerability where the team invite ID is not sanitized in the POST /api/v4/teams/:teamId/restore endpoint. Affected versions include Mattermost Server 9.11.x <= 9.11.17, 10.5.x <= 10.5.8, 10.8.x <= 10.8.3, and 10.9.x