Описание
Mattermost versions 10.11.x <= 10.11.10 fail to properly validate permission requirements in the team member roles API endpoint which allows team administrators to demote members to guest role. Mattermost Advisory ID: MMSA-2025-00531
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 10.11.0 (включая) до 10.11.11 (исключая)
cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 9%
0.00032
Низкий
3.8 Low
CVSS3
Дефекты
CWE-863
Связанные уязвимости
CVSS3: 3.8
debian
14 дней назад
Mattermost versions 10.11.x <= 10.11.10 fail to properly validate perm ...
CVSS3: 3.8
github
14 дней назад
Mattermost versions 10.11.x <= 10.11.10 fail to properly validate permission requirements in the team member roles API endpoint which allows team administrators to demote members to guest role. Mattermost Advisory ID: MMSA-2025-00531
EPSS
Процентиль: 9%
0.00032
Низкий
3.8 Low
CVSS3
Дефекты
CWE-863