CVE-2025-41443 | Mattermost up to 10.5.10/10.11.2 Guest User Permission ids authorization

Inserito da Angelo Barbosa | Ott 16, 2025 | CVE

A vulnerability identified as problematic has been detected in Mattermost up to 10.5.10/10.11.2. This vulnerability affects unknown code of the file /api/v4/teams/{team_id}/channels/ids of the component Guest User Permission Handler. This manipulation causes missing authorization.

This vulnerability is handled as CVE-2025-41443. The attack can be initiated remotely. There is not any exploit available.

You should upgrade the affected component.

CVE-2025-41443 | Mattermost up to 10.5.10/10.11.2 Guest User Permission ids authorization

Post correlati

CVE-2024-10633 | AYS Pro Plugins Quiz Maker Business, Developer, and Agency Plugin up to 21.8.0 on WordPress Shortcode neutralization of directives

CVE-2025-8804 | Open5GS up to 2.7.5 AMF ngap_build_downlink_nas_transport assertion (Issue 3950)

CVE-2024-56356 | JetBrains TeamCity up to 2024.11 XMLParser xml external entity reference

CVE-2024-6644 | zmops ArgusDBM up to 0.1.0 AviatorScript CalculateAlarm.java getDefaultClassLoader deserialization (Issue 64)