Mattermost: >> Mattermost Mobile >> 2.32.0 Security Vulnerabilities
Mattermost Mobile Apps versions <=2.32.0 fail to verify that SSO redirect tokens originate from the trusted server, which allows a malicious Mattermost instance or on-path attacker to obtain user session credentials via crafted token-in-URL responses
CVSS Score
6.1
EPSS Score
0.0
Published
2025-11-13