Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Lifecycle Timeline
1DescriptionCVE.org
Mattermost versions 11.5.x <= 11.5.1, 11.4.x <= 11.4.3 fail to validate the X-Requested-With header on the burn-on-read reveal endpoint which allows an authenticated channel member to force the reveal of a burn-on-read message without recipient consent via a crafted Markdown image tag.. Mattermost Advisory ID: MMSA-2026-00636
AnalysisAI
Authenticated Mattermost channel members can forcibly reveal burn-on-read messages without recipient consent by exploiting missing X-Requested-With header validation on the reveal endpoint through crafted Markdown image tags. This bypasses the intended ephemeral messaging security control in Mattermost versions 11.4.x through 11.4.3 and 11.5.x through 11.5.1. The CVSS vector indicates network-accessible exploitation by low-privileged authenticated users with low attack complexity. Exploitation status: no public exploit identified at time of analysis. EPSS data not provided.
Technical ContextAI
Burn-on-read is a Mattermost feature providing ephemeral messaging where messages are automatically deleted after being viewed by recipients. The vulnerability stems from inadequate Origin header validation (CWE-346: Origin Validation Error) on the burn-on-read reveal API endpoint. The endpoint fails to validate the X-Requested-With header, a common CSRF defense mechanism. Attackers exploit this by embedding malicious Markdown image tags in channel messages. When the Markdown renderer processes the image tag, it triggers an HTTP request to the reveal endpoint without proper origin checks, causing the burn-on-read message to be revealed server-side. The affected CPE (cpe:2.3:a:mattermost:mattermost) confirms this impacts the core Mattermost server application across specified version ranges, not plugins or mobile clients.
RemediationAI
Upgrade to Mattermost server versions newer than 11.5.1 or 11.4.3 as the vendor has released fixes per advisory MMSA-2026-00636. Specific patched versions not published in available data - consult https://mattermost.com/security-updates for exact fixed release numbers. As interim mitigation if immediate patching is infeasible, consider disabling burn-on-read messaging feature entirely until upgrade completes, though this eliminates the feature's business value. Implement strict channel membership controls to limit authenticated user access to sensitive burn-on-read channels, reducing insider threat surface. Configure web application firewalls to enforce X-Requested-With header presence on API endpoints if architectural compatibility permits, though this may break legitimate integrations. Monitor server logs for unusual access patterns to burn-on-read reveal endpoints, particularly high-frequency requests from single authenticated sessions. Note that compensating controls cannot fully prevent exploitation by legitimate authenticated channel members.
More in Mattermost
View allDenial of service in linkify-it (npm) through v5.0.0 lets remote unauthenticated attackers wedge a rendering worker by s
A denial-of-service vulnerability in Mattermost allows an authenticated user to crash the server via multiple large auto
Mattermost version 7.1.x and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded w
Mattermost webapp fails to validate route parameters in/<TEAM_NAME>/channels/<CHANNEL_NAME> allowing an attacker to perf
Fleet is an open source osquery manager. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable,
Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5 and 9.8.x <= 9.8.1 fail to disallow unsolicited invit
Dex is a federated OpenID Connect provider written in Go. Rated critical severity (CVSS 9.6), this vulnerability is remo
Improper output escaping in NousResearch Hermes Agent versions up to 2026.4.16 allows remote unauthenticated attackers t
Mattermost 6.3.0 and earlier fails to properly sanitize the HTML content in the email invitation sent to guest users, wh
Mattermost fails to invalidate existing authorization codes when deauthorizing an OAuth2 app, allowing an attacker posse
Privilege escalation in Mattermost server (11.6.x, 11.5.x, and 10.11.x branches) allows a low-privileged user holding gr
Authorization bypass in Mattermost Plugin Legal Hold versions <=1.1.4 allows authenticated attackers to manipulate legal
Same weakness CWE-346 – Origin Validation Error
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-30749
GHSA-xvcx-mgpc-5xh3