- Description
- Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to validate the OAuth token scope on the callback which allows an authenticated Mattermost user to gain access to private repositories via modifying the scope parameter in the GitHub authorization URL.. Mattermost Advisory ID: MMSA-2026-00628
- Source
- responsibledisclosure@mattermost.com
- NVD status
- Analyzed
- Products
- mattermost_server
CVSS 3.1
- Type
- Secondary
- Base score
- 5.4
- Impact score
- 2.5
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
- Severity
- MEDIUM
- responsibledisclosure@mattermost.com
- CWE-863
- Hype score
- Not currently trending
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6696A83A-CD06-45BD-A4C1-16A09C4CA15B",
"versionEndExcluding": "10.11.15",
"versionStartIncluding": "10.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB489375-1F54-4A24-AE2C-37D92B27FF4D",
"versionEndExcluding": "11.4.5",
"versionStartIncluding": "11.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "617D4791-A087-42E8-BF73-B39B30CB29C8",
"versionEndExcluding": "11.5.4",
"versionStartIncluding": "11.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77708744-DCB4-4AE3-8146-CB043DAB6FBB",
"versionEndExcluding": "11.6.1",
"versionStartIncluding": "11.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]