Количество 3
Количество 3
CVE-2025-3230
Mattermost versions 10.7.x <= 10.7.0, 10.6.x <= 10.6.2, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fails to properly invalidate personal access tokens upon user deactivation, allowing deactivated users to maintain full system access by exploiting access token validation flaws via continued usage of previously issued tokens.
CVE-2025-3230
Mattermost versions 10.7.x <= 10.7.0, 10.6.x <= 10.6.2, 10.5.x <= 10.5 ...
GHSA-mc2f-jgj6-6cp3
Mattermost fails to properly invalidate personal access tokens upon user deactivation
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-3230 Mattermost versions 10.7.x <= 10.7.0, 10.6.x <= 10.6.2, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fails to properly invalidate personal access tokens upon user deactivation, allowing deactivated users to maintain full system access by exploiting access token validation flaws via continued usage of previously issued tokens. | CVSS3: 5.4 | 0% Низкий | 8 месяцев назад |
| CVE-2025-3230 Mattermost versions 10.7.x <= 10.7.0, 10.6.x <= 10.6.2, 10.5.x <= 10.5 ... | CVSS3: 5.4 | 0% Низкий | 8 месяцев назад |
| GHSA-mc2f-jgj6-6cp3 Mattermost fails to properly invalidate personal access tokens upon user deactivation | CVSS3: 5.4 | 0% Низкий | 8 месяцев назад |
Уязвимостей на страницу