Vulnerabilities

CVE-2025-59480

by Fred · 13/11/2025

Mattermost Mobile Apps versions <=2.32.0 fail to verify that SSO redirect tokens originate from the trusted server, which allows a malicious Mattermost instance or on-path attacker to obtain user session credentials via crafted token-in-URL responses More information : https://mattermost.com/security-updates

Similar

Tags: Cybersecurity Alert