Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Lifecycle Timeline
4DescriptionCVE.org
Mattermost Plugins versions <=11.3 11.0.3 11.2.2 10.10.11.0 fail to implement authorisation checks on comment block modifications, which allows an authorised attacker with editor permission to modify comments created by other board members. Mattermost Advisory ID: MMSA-2025-00559
AnalysisAI
Mattermost Plugins versions 11.3 and earlier fail to implement proper authorization checks on comment block modifications, allowing authenticated users with editor permissions to modify comments created by other board members without restriction. An authorized attacker can alter or tamper with comments from colleagues, potentially modifying project records, discussions, or audit trails. With a CVSS score of 4.3 and low attack complexity, this represents a moderate integrity risk in collaborative environments where comment authenticity is important, though exploitation requires prior authentication and editor-level access.
Technical ContextAI
The vulnerability exists in Mattermost Plugins, a collaborative workspace platform that handles comment and board management functionality. The root cause is classified under CWE-639 (Authorization Bypass Through User-Controlled Key), indicating that the application fails to properly validate whether a user has authorization to modify specific comment objects before allowing the modification operation to proceed. The affected versions include Mattermost Plugins 11.3, 11.0.3, 11.2.2, and 10.10.11.0 across multiple release branches. The vulnerability specifically impacts the comment block modification subsystem, where authorization logic either does not exist or can be bypassed by users holding editor permissions, potentially through object reference manipulation or insufficient ownership/creator checks at the API or business logic layer.
RemediationAI
Upgrade Mattermost Plugins to a patched version released after advisory MMSA-2025-00559 was published; consult the Mattermost security bulletin for the specific minimum patched version number for your release branch (e.g., if running 11.x, upgrade to the next available 11.x patch or migrate to a stable later branch). Until patching can be applied, implement compensating controls by restricting editor permissions to only trusted users, disabling board comment modification features if not essential, and enabling audit logging on all comment modifications to detect unauthorized changes after the fact. Additionally, consider role-based access controls that limit who can be granted editor permissions in the first place.
Same technique Authentication Bypass
View allVendor StatusVendor
SUSE
Severity: Medium| Product | Status |
|---|---|
| openSUSE Leap 15.6 | Fixed |
| SUSE Linux Enterprise Module for Package Hub 15 SP5 | Fixed |
| SUSE Linux Enterprise Module for Package Hub 15 SP6 | Fixed |
| openSUSE Leap 15.5 | Fixed |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-12411
GHSA-hf8w-x9h5-5gf9