CVE-2025-3228 in Mattermost
Sumário
de MITRE • 20/06/2025
Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5 fail to properly retrieve requestorInfo from playbooks handler for guest users which allows an attacker access to the playbook run.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.