Описание
Mattermost Server SSRF Vulnerability via the Agents Plugin
Mattermost Server versions 10.5.x <= 10.5.9 utilizing the Agents plugin fail to reject empty request bodies which allows users to trick users into clicking malicious links via post actions
Пакеты
Наименование
github.com/mattermost/mattermost-server
go
Затронутые версииВерсия исправления
>= 10.5.0, <= 10.5.9
10.5.10
Наименование
github.com/mattermost/mattermost/server/v8
go
Затронутые версииВерсия исправления
< 8.0.0-20250814075248-83a37a861d3c
8.0.0-20250814075248-83a37a861d3c
Связанные уязвимости
CVSS3: 3.5
nvd
6 месяцев назад
Mattermost Server versions 10.5.x <= 10.5.9 utilizing the Agents plugin fail to reject empty request bodies which allows users to trick users into clicking malicious links via post actions
CVSS3: 3.5
debian
6 месяцев назад
Mattermost Server versions 10.5.x <= 10.5.9 utilizing the Agents plugi ...