CVE-2025-11776 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Mattermost versions
Medium CVSS: 4.3

CVE-2025-11776

Mattermost versions <11 fail to properly restrict access to archived channel search API which allows guest users to discover archived public channels via the `/api/v4/teams/{team_id}/channels/search_archived` endpoint
Vendor
Mattermost
Product
Mattermost Server
CWE
CWE-863
Yayın Tarihi
2025-11-14 08:15:43
Güncelleme
2025-11-17 17:52:51
Source Identifier
responsibledisclosure@mattermost.com
KEV Date Added
-

Kategoriler

CWE-863 Mattermost Server MEDIUM Mattermost 2025

Referanslar

https://mattermost.com/security-updates