← volver
CVE-2025-62690

Open redirect in error page when link opened in new tab

CVSS 3.1 LOWEPSS 0.1%CWE-601
Mattermost versions 10.11.x <= 10.11.4 fail to validate redirect URLs on the /error page, which allows an attacker to redirect a victim to a malicious site via a crafted link opened in a new tab.
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
Productos afectados
Mattermost · Mattermost

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://mattermost.com/security-updates