CVE-2025-12756
Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to validate user permissions when deleting comments in Boards, which allows an authenticated user with the editor role to delete comments created by other users.
Vendor
Product
CWE
Yayın Tarihi
2025-12-01 20:15:49
Güncelleme
2025-12-05 15:26:22
Source Identifier
responsibledisclosure@mattermost.com
KEV Date Added
-