CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-9084

Mattermost versions 10.5.x <= 10.5.9 fail to properly validate redirect URLs which allows attackers to redirect users to malicious sites via crafted OAuth login URLs

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 6.3%

CVSS Severity

CVSS v3 Score 3.1

References

https://mattermost.com/security-updates

Products affected by CVE-2025-9084

Mattermost » Mattermost Server » Version: 10.5.0

cpe:2.3:a:mattermost:mattermost_server:10.5.0
Mattermost » Mattermost Server » Version: 10.5.1

cpe:2.3:a:mattermost:mattermost_server:10.5.1
Mattermost » Mattermost Server » Version: 10.5.2

cpe:2.3:a:mattermost:mattermost_server:10.5.2
Mattermost » Mattermost Server » Version: 10.5.3

cpe:2.3:a:mattermost:mattermost_server:10.5.3
Mattermost » Mattermost Server » Version: 10.5.4

cpe:2.3:a:mattermost:mattermost_server:10.5.4
Mattermost » Mattermost Server » Version: 10.5.5

cpe:2.3:a:mattermost:mattermost_server:10.5.5
Mattermost » Mattermost Server » Version: 10.5.6

cpe:2.3:a:mattermost:mattermost_server:10.5.6
Mattermost » Mattermost Server » Version: 10.5.7

cpe:2.3:a:mattermost:mattermost_server:10.5.7
Mattermost » Mattermost Server » Version: 10.5.8

cpe:2.3:a:mattermost:mattermost_server:10.5.8
Mattermost » Mattermost Server » Version: 10.5.9

cpe:2.3:a:mattermost:mattermost_server:10.5.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-9084

Products

Pricing

Contact Us