CVE-2025-3228 in Mattermost
要約
〜によって MITRE • 2025年06月20日
Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5 fail to properly retrieve requestorInfo from playbooks handler for guest users which allows an attacker access to the playbook run.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.