Описание
Mattermost versions 10.11.x <= 10.11.10 Fail to invalidate cached permalink preview data when a user loses channel access which allows the user to continue viewing private channel content via previously cached permalink previews until cache reset or relogin.. Mattermost Advisory ID: MMSA-2026-00580
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 10.11.0 (включая) до 10.11.11 (исключая)
cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.00067
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-672
Связанные уязвимости
CVSS3: 4.3
debian
21 день назад
Mattermost versions 10.11.x <= 10.11.10 Fail to invalidate cached perm ...
CVSS3: 4.3
github
21 день назад
Mattermost versions 10.11.x <= 10.11.10 Fail to invalidate cached permalink preview data when a user loses channel access which allows the user to continue viewing private channel content via previously cached permalink previews until cache reset or relogin.. Mattermost Advisory ID: MMSA-2026-00580
EPSS
Процентиль: 21%
0.00067
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-672