CVE-2025-20051

Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to properly validate input when patching and duplicating a board, which allows a user to read any arbitrary file on the system via duplicating a specially crafted block in Boards.

Published: Feb 24, 2025
Updated: Jun 30, 2025
CVE: CVE-2025-20051
GHSA: GHSA-v469-7wp6-7cvp
Severity: Critical
Exploit:

CVSS v3:

Severity: Unknown
Score:
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWEs:

CWE-22

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
github.com/mattermost/mattermost/server/v8	-	8.0.0-20250122165010-4ed702ccff4e
github.com/mattermost/mattermost/server/v8	9.11.0-rc1	9.11.8
github.com/mattermost/mattermost/server/v8	10.2.0-rc1	10.2.3
github.com/mattermost/mattermost/server/v8	10.3.0-rc1	10.3.3
github.com/mattermost/mattermost/server/v8	10.4.0-rc1	10.4.2

https://github.com/mattermost/mattermost-plugin-boards/commit/025ce8d363a054473bc002f43f602a4032d38c06
https://github.com/mattermost/mattermost/commit/4ed702ccff4ec3c9eff832a9b6060f9f4454141d
https://mattermost.com/security-updates

Vulnerability Database

289,784

CVE-2025-20051