icon

We found results for “

CVE-2025-9084

Good to know:

icon
icon

Date: September 15, 2025

Mattermost versions 10.5.x <= 10.5.9 fail to properly validate redirect URLs which allows attackers to redirect users to malicious sites via crafted OAuth login URLs

Severity Score

Severity Score

Weakness Type (CWE)

URL Redirection to Untrusted Site ('Open Redirect')

CWE-601

Top Fix

icon

Upgrade Version

Upgrade to version github.com/mattermost/mattermost - v10.5.10;github.com/mattermost/mattermost-server - v10.5.10

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): NONE
User Interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): LOW
Availability (A): NONE

Do you need more information?

Contact Us