CVE-2025-2424 in Mattermost
要約
〜によって MITRE • 2025年04月14日
Mattermost versions 10.5.x <= 10.5.1, 9.11.x <= 9.11.9 fail to check if a file has been deleted when creating a bookmark which allows an attacker who knows the IDs of deleted files to obtain metadata of the files via bookmark creation.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.