CVE-2025-3228 in Mattermost
요약
\~에 의해 MITRE • 2025. 06. 20.
Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5 fail to properly retrieve requestorInfo from playbooks handler for guest users which allows an attacker access to the playbook run.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.