CVE-2025-36530: Path Traversal in Mattermost mattermost-server

CWE-22 Path Traversal | 5 documents | 4 sources

Severity: 4.9 MEDIUM (NVD); CNA: 6.8
EPSS: 0.1% (top 84.18%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Aug 21; Latest update Aug 29

Description

Mattermost versions 10.9.x <= 10.9.1, 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to properly validate file paths during plugin import operations, which allows restricted admin users to install unauthorized custom plugins via path traversal in the import functionality, bypassing plugin signature enforcement and marketplace restrictions.
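To illustrate the defect class the description names, the following is an added example (not Mattermost's code) of the containment check a plugin importer should apply to every archive member name before writing anything under the plugin directory; the function names, the plugin directory and the sample member names are constructed for the illustration.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrUnsafeEntry flags an archive member name that would land outside the
// plugin directory (absolute path or ".." traversal).
var ErrUnsafeEntry = errors.New("archive entry escapes plugin directory")

// SafeTargetPath maps one archive member name (archive-style, '/') to its
// destination under pluginDir, or refuses it.
func SafeTargetPath(pluginDir, entryName string) (string, error) {
	name := filepath.FromSlash(entryName)
	if entryName == "" || strings.HasPrefix(entryName, "/") || filepath.IsAbs(name) {
		return "", ErrUnsafeEntry
	}
	base := filepath.Clean(pluginDir)
	target := filepath.Join(base, name) // Join cleans, so ".." is resolved here
	rel, err := filepath.Rel(base, target)
	if err != nil {
		return "", ErrUnsafeEntry
	}
	// Rel reduces any escape to a leading ".." component, whatever the input looked like.
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrUnsafeEntry
	}
	return target, nil
}

// CheckBundleEntries vets every member name before anything is written, so a
// bundle containing a single bad entry is rejected as a whole.
func CheckBundleEntries(pluginDir string, names []string) (map[string]string, error) {
	out := make(map[string]string, len(names))
	for _, n := range names {
		t, err := SafeTargetPath(pluginDir, n)
		if err != nil {
			return nil, fmt.Errorf("entry %q: %w", n, err)
		}
		out[n] = t
	}
	return out, nil
}

func main() {
	// Constructed sample: two ordinary members and one traversal attempt.
	sample := []string{"com.example.plugin/plugin.json", "com.example.plugin/server/dist/plugin-linux-amd64",
		"../../../client/plugins/com.example.plugin/plugin.json"}
	_, err := CheckBundleEntries("/var/mattermost/plugins", sample)
	fmt.Println("bundle rejected:", err)
}
```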

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N (Exploitability: 1.2 | Impact: 3.6)

Affected Packages (6 packages)

NVD | mattermost/mattermost_server | 9.11.0 | 9.11.18 | +3
Go | github.com/mattermost_mattermost_server_v8 | < 8.0.0-20250619095651-9dd0b3943e55
CVEListV5 | mattermost/mattermost | 10.9.0 | 10.9.1 | +3

Vulnerability Details (4)

OSV: Mattermost Fails to Validate File Paths in github.com/mattermost/mattermost-server (2025-08-29)
GHSA: Mattermost Fails to Validate File Paths (2025-08-21)
CVEList: Import Path Traversal Enables Unauthorized Unsigned Plugin Installation (2025-08-21)
OSV: Mattermost Fails to Validate File Paths (2025-08-21)

CVE-2025-36530 — Path Traversal | cvebase