CVE-2025-2475 in Mattermost
要約
〜によって MITRE • 2025年04月14日
Mattermost versions 10.5.x <= 10.5.1, 10.4.x <= 10.4.3, 9.11.x <= 9.11.9 fail to invalidate the cache when a user account is converted to a bot which allows an attacker to login to the bot exactly one time via normal credentials.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.