CVE-2025-22449

Published: 2025-01-09T07:15Z

Last Modified: 2025-01-09T07:15Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Mattermost versions 9.11.x <= 9.11.5 fail to enforce invite permissions, which allows team admins, with no permission to invite users to their team, to invite users by updating the "allow_open_invite" field via making their team public. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt