Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-0503

Опубликовано: 14 фев. 2025
Источник: nvd
CVSS3: 3.1
CVSS3: 5.3
EPSS Низкий

Описание

Mattermost versions 9.11.x <= 9.11.6 fail to filter out DMs from the deleted channels endpoint which allows an attacker to infer user IDs and other metadata from deleted DMs if someone had manually marked DMs as deleted in the database.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*
Версия от 9.11.0 (включая) до 9.11.7 (исключая)

EPSS

Процентиль: 29%
0.00107
Низкий

3.1 Low

CVSS3

5.3 Medium

CVSS3

Дефекты

CWE-754

Связанные уязвимости

debian логотип

CVE-2025-0503

CVSS3: 3.1
debian
12 месяцев назад

Mattermost versions 9.11.x <= 9.11.6 fail to filter out DMs from the d ...

github логотип

GHSA-cc72-wc5x-7wmj

CVSS3: 3.1
github
12 месяцев назад

Mattermost versions 9.11.x <= 9.11.6 fail to filter out DMs from the deleted channels endpoint which allows an attacker to infer user IDs and other metadata from deleted DMs if someone had manually marked DMs as deleted in the database.

EPSS

Процентиль: 29%
0.00107
Низкий

3.1 Low

CVSS3

5.3 Medium

CVSS3

Дефекты

CWE-754