PT-2025-51853 · Mattermost · Mattermost Desktop App
Doyensec
·
Published
2025-12-17
·
Updated
2025-12-17
·
CVE-2025-13321
CVSS v3.1
3.3
Low
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Mattermost versions prior to 6.0.0
Description
The Mattermost Desktop App does not properly remove sensitive information from its logs or clear data when a server is deleted. This could allow an attacker who has access to a user's system to obtain potentially sensitive information by reading the application logs.
Recommendations
Update to Mattermost Desktop App version 6.0.0 or later.
Fix
Insertion into Log File
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mattermost Desktop App