Modal Management Vulnerability in Mattermost Desktop App by Mattermost
CVE-2025-55035

6.1MEDIUM

Key Information:

Vendor: Mattermost
Status: Mattermost
Vendor: CVE Published:; 16 October 2025

What is CVE-2025-55035?

The Mattermost Desktop App versions up to 5.13.0 contains a flaw in managing modal popups, particularly affecting users connecting to servers using basic authentication. An attacker can exploit this vulnerability by tricking users into configuring a malicious server, leading the application to display a persistent modal popup that prevents user interaction. This effectively denies users access to the application, posing significant usability concerns.

Affected Version(s)

Mattermost 0 <= 5.0.13

Mattermost 5.13.1.0

References

https://mattermost.com/security-updates

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 16, 2025
Vulnerability Reserved
Sep 11, 2025

Credit

Doyensec

JSON