Home
LOW: 2.0 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:NDefault status
unaffected
Any version
affected
2.26.0
unaffected
Description
Mattermost Mobile Apps versions <=2.25.0 fail to terminate sessions during logout under certain conditions (e.g. poor connectivity), allowing unauthorized users on shared devices to access sensitive notification content via continued mobile notifications
Problem types
CWE-613: Insufficient Session Expiration
Product status
Any version
2.26.0
Credits
Elias Nahum
References
mattermost.com/security-updates