Veröffentlicht am von ms-freelancer

CVE-2026-2463 – Unauthorized access to invite ID during team creation

CVE ID :CVE-2026-2463

Published : March 16, 2026, 11:13 a.m. | 56 minutes ago

Description :Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to filter invite IDs based on user permissions, which allows regular users to bypass access control restrictions and register unauthorized accounts via leaked invite IDs during team creation.. Mattermost Advisory ID: MMSA-2025-00565
Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…