Author: Angelo Barbosa

CVE-2025-24526 | Mattermost up to 9.11.7/10.1.3/10.2.2/10.3.2/10.4.1 Archived Channel authorization

A vulnerability, which was classified as problematic, has been found in Mattermost up to 9.11.7/10.1.3/10.2.2/10.3.2/10.4.1. Affected by this issue is some unknown functionality of the component Archived Channel Handler. The manipulation leads to incorrect authorization. This vulnerability is handled as CVE-2025-24526. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected...


CVE-2025-1412 | Mattermost up to 9.11.6/10.4.1 session fixation

A vulnerability classified as critical was found in Mattermost up to 9.11.6/10.4.1. Affected by this vulnerability is an unknown functionality. The manipulation leads to session fixation. This vulnerability is known as CVE-2025-1412. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected...


CVE-2025-25279 | Mattermost up to 9.11.7/10.2.2/10.3.2/10.4.1 Archive Import path traversal

A vulnerability classified as critical has been found in Mattermost up to 9.11.7/10.2.2/10.3.2/10.4.1. Affected is an unknown function of the component Archive Import Handler. The manipulation leads to path traversal. This vulnerability is tracked as CVE-2025-25279. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected...


CVE-2025-24490 | Mattermost up to 9.11.7/10.2.2/10.3.2/10.4.1 Boards Category SQL injection

A vulnerability was found in Mattermost up to 9.11.7/10.2.2/10.3.2/10.4.1. It has been rated as critical. This issue affects some unknown processing of the component Boards Category Handler. The manipulation leads to SQL injection. The identification of this vulnerability is CVE-2025-24490. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected...


CVE-2025-20051 | Mattermost up to 9.11.7/10.2.2/10.3.2/10.4.1 Block path traversal

A vulnerability was found in Mattermost up to 9.11.7/10.2.2/10.3.2/10.4.1. It has been declared as critical. This vulnerability affects unknown code of the component Block Handler. The manipulation leads to path traversal. This vulnerability was named CVE-2025-20051. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected...
