Описание
Mattermost versions 10.11.x <= 10.11.10 fail to validate user's authentication method when processing account auth type switch which allows an authenticated attacker to change account password without confirmation via falsely claiming a different auth provider.. Mattermost Advisory ID: MMSA-2026-00583
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| mattermost-server | itp | package |
EPSS
Процентиль: 16%
0.0005
Низкий
Связанные уязвимости
CVSS3: 3.1
nvd
19 дней назад
Mattermost versions 10.11.x <= 10.11.10 fail to validate user's authentication method when processing account auth type switch which allows an authenticated attacker to change account password without confirmation via falsely claiming a different auth provider.. Mattermost Advisory ID: MMSA-2026-00583
CVSS3: 3.1
github
19 дней назад
Mattermost fails to validate user's authentication method when processing account auth type switch
EPSS
Процентиль: 16%
0.0005
Низкий