
Mattermost, an open-source platform for team communication and collaboration, has addressed three critical security vulnerabilities affecting its Boards plugin. The vulnerabilities, identified as CVE-2025-20051, CVE-2025-24490, and CVE-2025-25279, could allow attackers to read arbitrary files on the system and execute SQL injection attacks.
Vulnerability Details:
- CVE-2025-20051 (CVSS 9.9): This vulnerability enables arbitrary file reads via block duplication in Mattermost Boards. Attackers can exploit this flaw by duplicating a specially crafted block, potentially gaining access to sensitive information.
- CVE-2025-24490 (CVSS 9.6): This SQL injection vulnerability allows attackers to retrieve data from the Mattermost database by manipulating board category ID reordering requests. Successful exploitation could lead to data breaches and unauthorized access.
- CVE-2025-25279 (CVSS 9.9): This vulnerability allows arbitrary file reads via the import and export functionality in Mattermost Boards. Attackers can craft malicious import archives to exploit this flaw, potentially compromising sensitive data.
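The advisory names two classes of untrusted board input: a file reference carried by a block (duplicated, or supplied in an import archive) and a list of category IDs in a reorder request. The following is an added Go example, not Mattermost's own code and not a description of how the actual flaws were patched; the page does not state root causes. It shows the standard hardening for each class: confining any file reference to the server's storage root before it is opened, and validating category IDs against an allow-list before binding them as query parameters rather than splicing them into SQL. The storage root, the ID format, and the table and column names are all assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"regexp"
	"strings"
)

// ErrPathEscape is returned when an untrusted file reference would resolve outside the storage root.
var ErrPathEscape = errors.New("file reference escapes the storage root")

// ResolveAttachmentPath confines a file reference taken from untrusted board data
// (a block being duplicated, or an entry in an import archive) to the server's file
// storage root. root is assumed to be an absolute, already-cleaned directory path.
func ResolveAttachmentPath(root, ref string) (string, error) {
	if ref == "" || filepath.IsAbs(ref) {
		return "", ErrPathEscape // references must be relative to root
	}
	// Join cleans the result, collapsing ".", ".." and repeated separators.
	joined := filepath.Join(root, ref)
	// Recompute the path relative to root; an escape shows up as a leading "..".
	rel, err := filepath.Rel(root, joined)
	if err != nil {
		return "", err
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrPathEscape
	}
	return joined, nil
}

// idPattern is an assumed allow-list for IDs: the page does not give the real format,
// so this stands in for whatever the actual schema defines.
var idPattern = regexp.MustCompile(`^[A-Za-z0-9_-]{1,64}$`)

// BuildReorderQuery turns a user's requested category order into a parameterized UPDATE.
// IDs are validated against the allow-list and passed as bound arguments, never spliced
// into the SQL text. Table and column names are hypothetical; "?" placeholders are used
// and would be rebound for drivers that expect "$1" style.
func BuildReorderQuery(userID string, categoryIDs []string) (string, []any, error) {
	if len(categoryIDs) == 0 {
		return "", nil, errors.New("no category IDs supplied")
	}
	if !idPattern.MatchString(userID) {
		return "", nil, fmt.Errorf("rejecting malformed user ID %q", userID)
	}
	var sb strings.Builder
	args := make([]any, 0, 3*len(categoryIDs)+1)
	sb.WriteString("UPDATE board_categories SET sort_order = CASE id")
	for pos, id := range categoryIDs {
		if !idPattern.MatchString(id) {
			return "", nil, fmt.Errorf("rejecting malformed category ID %q", id)
		}
		sb.WriteString(" WHEN ? THEN ?")
		args = append(args, id, pos) // position in the request becomes the new sort order
	}
	sb.WriteString(" END WHERE user_id = ? AND id IN (")
	args = append(args, userID)
	for i, id := range categoryIDs {
		if i > 0 {
			sb.WriteString(", ")
		}
		sb.WriteString("?")
		args = append(args, id)
	}
	sb.WriteString(")")
	return sb.String(), args, nil
}

func main() {
	root := "/var/mattermost/data" // constructed storage root
	for _, ref := range []string{"boards/b1/image.png", "../../etc/passwd", "/etc/passwd"} {
		p, err := ResolveAttachmentPath(root, ref)
		fmt.Printf("%-22s -> %q err=%v\n", ref, p, err)
	}
	q, args, err := BuildReorderQuery("u1", []string{"c3", "c1", "c2"})
	fmt.Println(q, args, err)
	_, _, err = BuildReorderQuery("u1", []string{"c1' OR '1'='1"})
	fmt.Println("malformed id rejected:", err)
}
```

The path check is purely lexical: it stops `..` and absolute references, but not a symlink already present under the storage root that points elsewhere. A complete implementation resolves the final path with `filepath.EvalSymlinks` (or opens with `O_NOFOLLOW`) and repeats the containment check on the result. The query builder relies on two independent controls, the allow-list and parameter binding, so a value that slips past one is still never interpreted as SQL.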
Affected Versions:
The vulnerabilities affect Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, and 10.2.x <= 10.2.2.
Solution:
Mattermost urges users to update to the latest versions, including 10.5.0, 10.4.2, 9.11.8, 10.3.3, and 10.2.3, to mitigate these vulnerabilities. Alternatively, updating the Mattermost Boards plugin to v9.0.5 or higher will also address these issues.
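The affected ranges and fixed releases above are precise enough to turn into an automated check, which is what an operator running several Mattermost servers would want before and after patching. The following Go program is an added example, not a Mattermost tool: it encodes the four affected lines and their fixes exactly as the advisory states them and classifies a server version as affected, patched, or not covered by the advisory. Versions outside the listed lines (10.5.0, or an older 9.x line) are deliberately reported as "not listed" rather than as safe, since the page says nothing about them. The Boards plugin version (v9.0.5 or higher) is a separate check this program does not perform.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// versionRange is one affected release line from the advisory: every build in the
// line up to and including lastAffected is vulnerable; fixed is the release to move to.
type versionRange struct {
	line         string // major.minor, e.g. "10.4"
	lastAffected string // e.g. "10.4.1"
	fixed        string // e.g. "10.4.2"
}

// affectedRanges mirrors the advisory's "Affected Versions" and "Solution" sections.
var affectedRanges = []versionRange{
	{"10.4", "10.4.1", "10.4.2"},
	{"10.3", "10.3.2", "10.3.3"},
	{"10.2", "10.2.2", "10.2.3"},
	{"9.11", "9.11.7", "9.11.8"},
}

// parseVersion splits "10.4.1" (optionally prefixed with "v") into [10 4 1];
// a missing patch component is treated as 0.
func parseVersion(v string) ([]int, error) {
	v = strings.TrimPrefix(strings.TrimSpace(v), "v")
	parts := strings.Split(v, ".")
	if len(parts) < 2 || len(parts) > 3 {
		return nil, fmt.Errorf("unrecognised version %q", v)
	}
	nums := make([]int, 3)
	for i, p := range parts {
		n, err := strconv.Atoi(p)
		if err != nil || n < 0 {
			return nil, fmt.Errorf("unrecognised version %q", v)
		}
		nums[i] = n
	}
	return nums, nil
}

// compareVersions returns -1, 0 or 1 as a is below, equal to or above b.
func compareVersions(a, b []int) int {
	for i := range a {
		if a[i] < b[i] {
			return -1
		}
		if a[i] > b[i] {
			return 1
		}
	}
	return 0
}

// CheckVersion classifies a server version against the advisory.
// status is "affected" (fixed names the release to move to), "patched"
// (same line, at or past the fix) or "not listed" (a line the advisory does not cover).
func CheckVersion(v string) (status string, fixed string, err error) {
	cur, err := parseVersion(v)
	if err != nil {
		return "", "", err
	}
	for _, r := range affectedRanges {
		line, _ := parseVersion(r.line) // "10.4" -> [10 4 0]
		if cur[0] != line[0] || cur[1] != line[1] {
			continue
		}
		last, _ := parseVersion(r.lastAffected)
		if compareVersions(cur, last) <= 0 {
			return "affected", r.fixed, nil
		}
		return "patched", "", nil
	}
	return "not listed", "", nil
}

func main() {
	// Constructed sample inventory; replace with the versions reported by your servers.
	for _, v := range []string{"10.4.1", "10.4.2", "9.11.7", "10.3.0", "10.5.0", "v10.2.2", "banana"} {
		status, fixed, err := CheckVersion(v)
		if err != nil {
			fmt.Printf("%-8s -> error: %v\n", v, err)
			continue
		}
		fmt.Printf("%-8s -> %-10s %s\n", v, status, fixed)
	}
}
```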
Organizations and individuals relying on Mattermost are strongly encouraged to apply the necessary updates to protect their systems and data from potential attacks.