CVE-2025-24490 | Mattermost up to 9.11.7/10.2.2/10.3.2/10.4.1 Boards Category sql injection

Posted by Angelo Barbosa | Feb 24, 2025 | CVE

A vulnerability was found in Mattermost up to 9.11.7/10.2.2/10.3.2/10.4.1. It has been rated as critical. This issue affects some unknown processing of the component Boards Category Handler. The manipulation leads to sql injection.

The identification of this vulnerability is CVE-2025-24490. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-24490 | Mattermost up to 9.11.7/10.2.2/10.3.2/10.4.1 Boards Category sql injection

Related Posts

CVE-2023-51358 | Bright Plugins Block IPs for Gravity Forms Plugin up to 1.0.1 on WordPress cross-site request forgery

CVE-2024-45280 | SAP NetWeaver AS Java 7.50 Logon Application cross site scripting

CVE-2024-26619 | Linux Kernel up to 6.7.2 riscv use after free (2fa79badf4bf/78996eee79eb)

CVE-2024-5060 | LottieFiles Plugin up to 1.10.9 on WordPress cross site scripting