CVE-2025-9081
Mattermost versions 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to properly validate access controls which allows any authenticated user to download sensitive files via board file download endpoint using UUID enumeration
Vendor
Product
CWE
Yayın Tarihi
2025-09-19 20:15:40
Güncelleme
2025-09-25 20:14:59
Source Identifier
responsibledisclosure@mattermost.com
KEV Date Added
-