CVE-2025-58073

Mattermost versions 10.11.x = 10.11.1, 10.10.x = 10.10.2, 10.5.x = 10.5.10 fail to verify a user has permission to join a Mattermost team using the original invite token which allows any attacked to join any team on a Mattermost server regardless of restrictions via manipulating the OAuth state...

PT-2024-32292 · Opendaylight · Opendaylight Authentication

Name of the Vulnerable Software and Affected Versions: OpenDaylight Authentication, Authorization and Accounting AAA versions through 0.19.3 Description: An issue was discovered in OpenDaylight Authentication, Authorization and Accounting AAA. A rogue controller can join a cluster to impersonate ...