CVE-2025-20036

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jan 15, 2025
CWE ID 1287

Summary

CVE-2025-20036 is a vulnerability affecting Mattermost Mobile Apps versions prior to 2.22.1. The apps do not properly validate post props, which an authenticated attacker can exploit to cause a crash: a malicious user can craft a post that bypasses the validation checks and triggers the issue. Successful exploitation could disrupt the normal functioning of the application, leading to potential downtime and inconvenience for users. Organizations using affected versions of Mattermost Mobile Apps should upgrade to the latest patch to mitigate this risk.

Affected Products

  • Mattermost Mobile

Affected Vendors

  • Mattermost, Inc.