Количество 3
Количество 3
CVE-2025-6226
Mattermost versions 10.5.x <= 10.5.6, 10.8.x <= 10.8.1, 10.7.x <= 10.7.3, 9.11.x <= 9.11.16 fail to verify authorization when retrieving cached posts by PendingPostID which allows an authenticated user to read posts in private channels they don't have access to via guessing the PendingPostID of recently created posts.
CVE-2025-6226
Mattermost versions 10.5.x <= 10.5.6, 10.8.x <= 10.8.1, 10.7.x <= 10.7 ...
GHSA-7h34-9chr-58qh
Mattermost Missing Authentication for Critical Function
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-6226 Mattermost versions 10.5.x <= 10.5.6, 10.8.x <= 10.8.1, 10.7.x <= 10.7.3, 9.11.x <= 9.11.16 fail to verify authorization when retrieving cached posts by PendingPostID which allows an authenticated user to read posts in private channels they don't have access to via guessing the PendingPostID of recently created posts. | CVSS3: 6.5 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-6226 Mattermost versions 10.5.x <= 10.5.6, 10.8.x <= 10.8.1, 10.7.x <= 10.7 ... | CVSS3: 6.5 | 0% Низкий | около 2 месяцев назад |
| GHSA-7h34-9chr-58qh Mattermost Missing Authentication for Critical Function | CVSS3: 6.5 | 0% Низкий | около 2 месяцев назад |
Уязвимостей на страницу