CVE-2025-53971: Mattermost Fails to Properly Validate Team Role Modification

CVSS Score: 3.8 (CVSS 3.1)

Basic Information

EPSS Score: 0.04385%
Published: 8/21/2025
Updated: 8/21/2025
KEV Status: No
Technology: Go

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
| --- | --- | --- | --- |
| github.com/mattermost/mattermost-server | go | >= 10.5.0, <= 10.5.8 | 10.5.9 |
| github.com/mattermost/mattermost-server | go | >= 9.11.0, <= 9.11.17 | 9.11.18 |
| github.com/mattermost/mattermost/server/v8 | go | < 8.0.0-20250721095846-c602a4a78e1f | 8.0.0-20250721095846-c602a4a78e1f |

Vulnerability Intelligence
Root Cause Analysis: In progress

WAF Protection Rules

WAF Rule

Mattermost versions 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to properly validate authorization for team scheme role modifications which allows Team Admins to demote Team Members to Guests via the PUT /api/v4/teams/team-id/members/user-id/schemeRoles

Reasoning

No analysis available