Описание
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2 fail to verify run_create permission for empty playbookId, which allows team members to create unauthorized runs via the playbook run API. Mattermost Advisory ID: MMSA-2025-00542
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| mattermost-server | itp | package |
EPSS
Процентиль: 9%
0.00031
Низкий
Связанные уязвимости
CVSS3: 4.3
nvd
14 дней назад
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2 fail to verify run_create permission for empty playbookId, which allows team members to create unauthorized runs via the playbook run API. Mattermost Advisory ID: MMSA-2025-00542
CVSS3: 4.3
github
14 дней назад
Mattermost fails to verify run_create permission for empty playbookId
EPSS
Процентиль: 9%
0.00031
Низкий