Количество 3
Количество 3
CVE-2025-13767
Mattermost versions 11.1.x <= 11.1.0, 11.0.x <= 11.0.5, 10.12.x <= 10.12.3, 10.11.x <= 10.11.7 fails to validate user channel membership when attaching Mattermost posts as comments to Jira issues, which allows an authenticated attacker with access to the Jira plugin to read post content and attachments from channels they do not have access to.
CVE-2025-13767
Mattermost versions 11.1.x <= 11.1.0, 11.0.x <= 11.0.5, 10.12.x <= 10. ...
GHSA-fmqf-pmcm-8cx9
Mattermost doesn't validate user channel membership when attaching Mattermost posts as comments to Jira issues
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-13767 Mattermost versions 11.1.x <= 11.1.0, 11.0.x <= 11.0.5, 10.12.x <= 10.12.3, 10.11.x <= 10.11.7 fails to validate user channel membership when attaching Mattermost posts as comments to Jira issues, which allows an authenticated attacker with access to the Jira plugin to read post content and attachments from channels they do not have access to. | CVSS3: 4.3 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-13767 Mattermost versions 11.1.x <= 11.1.0, 11.0.x <= 11.0.5, 10.12.x <= 10. ... | CVSS3: 4.3 | 0% Низкий | около 2 месяцев назад |
| GHSA-fmqf-pmcm-8cx9 Mattermost doesn't validate user channel membership when attaching Mattermost posts as comments to Jira issues | CVSS3: 4.3 | 0% Низкий | около 2 месяцев назад |
Уязвимостей на страницу