Aggregator

最近的攻防演练中经常遇到jeecgboot，故整理一篇漏洞总结文章方便日后查阅，并且根据tscan脚本规则编写了其中一部分的poc。

最近的攻防演练中经常遇到jeecgboot，故整理一篇漏洞总结文章方便日后查阅，并且根据tscan脚本规则编写了其中一部分的poc。

最近的攻防演练中经常遇到jeecgboot，故整理一篇漏洞总结文章方便日后查阅，并且根据tscan脚本规则编写了其中一部分的poc。

最近的攻防演练中经常遇到jeecgboot，故整理一篇漏洞总结文章方便日后查阅，并且根据tscan脚本规则编写了其中一部分的poc。

最近的攻防演练中经常遇到jeecgboot，故整理一篇漏洞总结文章方便日后查阅，并且根据tscan脚本规则编写了其中一部分的poc。

最近的攻防演练中经常遇到jeecgboot，故整理一篇漏洞总结文章方便日后查阅，并且根据tscan脚本规则编写了其中一部分的poc。

最近的攻防演练中经常遇到jeecgboot，故整理一篇漏洞总结文章方便日后查阅，并且根据tscan脚本规则编写了其中一部分的poc。

强势围观

强势围观

强势围观

强势围观

强势围观

强势围观

强势围观

A vulnerability classified as critical was found in Mattermost up to 9.11.8/10.3.3/10.4.2/10.5.0. Affected by this vulnerability is an unknown functionality of the component Plugin Endpoint. The manipulation leads to missing authentication. This vulnerability is known as CVE-2025-25068. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Mattermost up to 9.11.8/10.3.3/10.4.2. Affected is an unknown function of the component Archived Channel Handler. The manipulation leads to incorrect authorization. This vulnerability is traded as CVE-2025-25274. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mattermost up to 9.11.8/10.3.3/10.4.2/10.5.0. It has been rated as problematic. This issue affects some unknown processing of the component Archived Channel Handler. The manipulation leads to incorrect authorization. The identification of this vulnerability is CVE-2025-24920. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mattermost up to 9.11.8/10.4.x. It has been declared as problematic. This vulnerability affects unknown code of the component Permalink Handler. The manipulation leads to incorrect authorization. This vulnerability was named CVE-2025-27715. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mattermost up to 9.11.8/10.3.3/10.4.2. It has been classified as problematic. This affects an unknown part of the component MFA. The manipulation leads to incorrect authorization. This vulnerability is uniquely identified as CVE-2025-30179. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mattermost up to 9.11.8/10.3.3/10.4.2 and classified as critical. Affected by this issue is some unknown functionality of the component Channel Conversion Handler. The manipulation leads to incorrect authorization. This vulnerability is handled as CVE-2025-27933. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.