Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

CVE
CVEadded 2025/11/13 5:32 p.m.8 views

CVE-2025-59480

Mattermost Mobile Apps (Android/iOS) versions up to and including 2.32.0 are affected by an insufficient verification of SSO redirect tokens. The root cause is failure to verify that SSO tokens originate from a trusted server, enabling a malicious Mattermost instance or an on-path attacker to obt...

6.5CVSS6.4AI score0.00017EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2025/11/13 5:32 p.m.5 views

CVE-2025-59480 Inadequate validation of SSO redirect credentials permits credential theft

Mattermost Mobile Apps versions =2.32.0 fail to verify that SSO redirect tokens originate from the trusted server, which allows a malicious Mattermost instance or on-path attacker to obtain user session credentials via crafted token-in-URL responses...

6.1CVSS0.00017EPSS
Exploits0References1
Rows per page
Query Builder