Количество 3
Количество 3
CVE-2026-4265
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to validate team-specific upload_file permissions which allows a guest user to post files in channels where they lack upload_file permission via uploading files in a team where they have permission and reusing the file metadata in a POST request to a different team. Mattermost Advisory ID: MMSA-2025-00553
CVE-2026-4265
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10. ...
GHSA-xpvf-6qcc-9jqc
Mattermost fails to validate team-specific upload_file permissions
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2026-4265 Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to validate team-specific upload_file permissions which allows a guest user to post files in channels where they lack upload_file permission via uploading files in a team where they have permission and reusing the file metadata in a POST request to a different team. Mattermost Advisory ID: MMSA-2025-00553 | CVSS3: 4.3 | 0% Низкий | 13 дней назад |
| CVE-2026-4265 Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10. ... | CVSS3: 4.3 | 0% Низкий | 13 дней назад |
| GHSA-xpvf-6qcc-9jqc Mattermost fails to validate team-specific upload_file permissions | CVSS3: 4.3 | 0% Низкий | 13 дней назад |
Уязвимостей на страницу