Security Advisory

CVE-2025-9081

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-19 19:36:14

Last updated 2025-09-19 19:52:03

Assigner Mattermost

State PUBLISHED

Description

Mattermost versions 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to properly validate access controls which allows any authenticated user to download sensitive files via board file download endpoint using UUID enumeration

← Browse all CVEs View on cve.org ↗