Mattermost Server 10.11.x <= 10.11.13 / 11.5.x <= 11.5.1 Multiple Vulnerabilities (MMSA-2026-00570 / MMSA-2026-00575 / MMSA-2026-00582 / MMSA-2026-00622)

Severity: Medium | Nessus Plugin ID 316489

Synopsis

The remote host is affected by multiple vulnerabilities.

Description

The version of Mattermost Server installed on the remote host is affected by multiple vulnerabilities:

- Mattermost fails to validate the Host header when constructing response URLs for custom slash commands, which allows an authenticated attacker to redirect slash command responses to an attacker-controlled server via a spoofed Host header. Mattermost Advisory ID: MMSA-2026-00582. (CVE-2026-6333)

- Mattermost fails to escape some variables that could contain malicious content during error page composition, which allows an attacker with access to edit some site configuration values to execute malicious code by injecting JavaScript into those values. Mattermost Advisory ID: MMSA-2026-00622. (CVE-2026-3495)

- Mattermost fails to validate that the RefreshedToken differs from the original invite token during remote cluster invite confirmation, which allows an authenticated attacker to bypass token rotation and reuse the original invite token by sending a crafted invite confirmation whose RefreshedToken matches the original token. Mattermost Advisory ID: MMSA-2026-00575. (CVE-2026-4273)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Mattermost Server version 10.11.14, 11.5.2, 11.6.0 or later.

See Also

https://mattermost.com/security-updates/

Plugin Details

Severity: Medium

ID: 316489

File Name: mattermost_server_MMSA-2026-00570_00575_00582_00622.nasl

Version: 1.1

Type: Remote

Family: CGI abuses

Published: 5/22/2026

Updated: 5/22/2026

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.0

CVSS v2

Risk Factor: Medium

Base Score: 4.7

Vector: CVSS2#AV:N/AC:L/Au:M/C:P/I:P/A:N

CVSS Score Source: CVE-2026-3495

CVSS v3

Risk Factor: Medium

Base Score: 5.0

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

CVSS Score Source: CVE-2026-6333

Vulnerability Information

CPE: cpe:/a:mattermost:mattermost_server

Required KB Items: installed_sw/Mattermost Server

Patch Publication Date: 4/15/2026

Vulnerability Publication Date: 4/15/2026

Reference Information

CVE: CVE-2026-3495, CVE-2026-4273, CVE-2026-6333, CVE-2026-6334

IAVA: 2026-A-0492