CVE-2025-27538

Mattermost versions 10.5.x = 10.5.1, 9.11.x = 9.11.9 fail to enforce MFA checks in PUT /api/v4/users/user-id/mfa when the requesting user differs from the target user ID, which allows users with editotherusers permission to activate or deactivate MFA for other users, even if those users have not...

Mattermost Server 9.11.x < 9.11.9 / 10.3.x < 10.3.4 / 10.4.x < 10.4.3 (MMSA-2025-00422)

The version of Mattermost Server installed on the remote host is prior to 9.11.9, 10.3.4, or 10.4.3. It is, therefore, affected by a vulnerability as referenced in the MMSA-2025-00422 advisory. - Mattermost versions 10.4.x = 10.4.2, 10.3.x = 10.3.3, 9.11.x = 9.11.8 fail to enforce MFA on certain...

Unable to login to Citrix Cloud - Error: "incorrect username, password or token"

Unable to login to Citrix Cloud to access virtualized app. The error message "incorrect username, password or token" is displayed. The process of setting up MFA works perfectly, but once Authenticator App is paired and actual login attempted, it always fails...