Vulnerability Database

310,472

Total vulnerabilities in the database

CVE-2025-12421

Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to to verify that the token used during the code exchange originates from the same authentication flow, which allows an authenticated user to perform account takeover via a specially crafted email address used when switching authentication methods and sending a request to the /users/login/sso/code-exchange endpoint. The vulnerability requires ExperimentalEnableAuthenticationTransfer to be enabled (default: enabled) and RequireEmailVerification to be disabled (default: disabled).

Published: Nov 27, 2025
Updated: Nov 28, 2025
CVE: CVE-2025-12421
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.9
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWEs:

CWE-303

Affected Software
References

Software	From	Fixed in
mattermost / mattermost_server	10.5.0	10.5.13
mattermost / mattermost_server	10.11.0	10.11.5
mattermost / mattermost_server	10.12.0	10.12.2
mattermost / mattermost_server	11.0.0	11.0.3

https://mattermost.com/security-updates

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo