Approved changes feed: RSS · Atom
cpe:2.3:a:mattermost:zoom:*:*:*:*:*:mattermost:*:*
part: a version: * update: *
| Vendor | Mattermost (ed0788ef-af60-58f1-b6aa-68289d9946dc) |
|---|---|
| Product | Zoom (56c660a1-3cf5-55f8-b073-05699b8f8e7d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | mattermost |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-0998 |
vulnerable | 2026-06-03 15:14:43.341404 |
Mattermost Zoom Plugin allows unauthorized meeting creation and post modification via insufficient API access controls
MEDIUM (4.3)
Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 and Mattermost Plugin Zoom versions <=1.11.0 fail to validate user identity and post ownership in the {{/api/v1/askPMI}} endpoint which allows unauthorized users to start Zoom meetings as any user and overwrite arbitrary posts via direct API calls with manipulated user IDs and post data.. Mattermost Advisory ID: MMSA-2025-00534
Published: 2026-02-16T09:54:24.732Z
Updated: 2026-02-17T15:00:44.691Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-0997 |
vulnerable | 2026-06-03 15:14:43.340935 |
Mattermost Zoom Plugin channel preference API lacks authorization checks
MEDIUM (4.3)
Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 and Mattermost Plugin Zoom versions <=1.11.0 fail to validate the authenticated user when processing {{/plugins/zoom/api/v1/channel-preference}}, which allows any logged-in user to change Zoom meeting restrictions for arbitrary channels via crafted API requests.. Mattermost Advisory ID: MMSA-2025-00558
Published: 2026-02-16T09:58:41.450Z
Updated: 2026-02-17T15:00:18.867Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.