CVE-2025-24490

Severity: CRITICAL · Lab available

Mattermost 9.11.0-9.11.7, 10.2.0-10.2.2, 10.3.0-10.3.2, 10.4.0-10.4.1 - SQL Injection via Boards Reordering


Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-24490. PoCs published by exploitintel.

AI-analyzed exploit summary: This repository contains functional exploit code for CVE-2025-24490, a SQL injection vulnerability in the Mattermost Boards plugin. It includes multiple PoC scripts demonstrating time-based and error-based SQLi techniques, along with detailed technical analysis and lab setup instructions.

Description

Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2 and 10.2.x <= 10.2.2 fail to use prepared statements in the SQL query that reorders boards, which allows an authenticated attacker to retrieve data from the database via SQL injection by reordering specially crafted board categories. The untrusted values are the board identifiers submitted in the reorder request; because they are concatenated into the statement instead of bound as parameters, a crafted identifier changes the structure of the query rather than just the value it matches.
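As an added illustration (not code from the tracked PoC or from Mattermost itself), the following Python snippet reproduces the bug class on an in-memory SQLite database: a reorder statement built by string concatenation beside the same statement with bound parameters. The table names, the CASE-based reorder statement, the sample rows and the 26-character ID format check are assumptions made for this example; the real Boards query is not shown on this page.

```python
import re
import sqlite3

# Constructed fixture (not Mattermost's schema): a category whose boards the
# attacker may legitimately reorder, and a table they must never read.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE category_boards (category_id TEXT, board_id TEXT, sort_order INTEGER);
        CREATE TABLE users (id TEXT, username TEXT, password_hash TEXT);
        INSERT INTO category_boards VALUES ('cat1', 'b1', 10), ('cat1', 'b2', 20);
        INSERT INTO users VALUES ('u1', 'admin', 'bcrypt$secret-hash');
    """)
    return conn


def reorder_vulnerable(conn, category_id, board_ids):
    # Vulnerable pattern: request-controlled board IDs are pasted straight into
    # the CASE expression, so a quote in an ID rewrites the statement.
    sql = "UPDATE category_boards SET sort_order = CASE board_id "
    for i, bid in enumerate(board_ids):
        sql += f"WHEN '{bid}' THEN {i * 10} "
    sql += f"ELSE sort_order END WHERE category_id = '{category_id}'"
    conn.execute(sql)
    conn.commit()


def reorder_safe(conn, category_id, board_ids):
    # Hardened pattern: identical statement shape, but every user value is a
    # bound parameter. The driver sends values out of band, so they can only
    # ever be compared against board_id, never parsed as SQL.
    sql = "UPDATE category_boards SET sort_order = CASE board_id "
    params = []
    for i, bid in enumerate(board_ids):
        sql += "WHEN ? THEN ? "
        params += [bid, i * 10]
    sql += "ELSE sort_order END WHERE category_id = ?"
    params.append(category_id)
    conn.execute(sql, params)
    conn.commit()


# Defense in depth (assumed ID format, modelled on Mattermost-style 26-char IDs):
# reject anything that is not a plausible identifier before it reaches the query.
ID_RE = re.compile(r"^[a-z0-9]{26}$")


def is_valid_board_id(bid):
    return ID_RE.match(bid) is not None


def read_sort_orders(conn, category_id):
    # What the attacker can read back through the normal "list my boards" path.
    rows = conn.execute(
        "SELECT board_id, sort_order FROM category_boards WHERE category_id = ?",
        (category_id,),
    )
    return {bid: so for bid, so in rows}


# Crafted board ID: closes the quoted literal, substitutes a subquery as the new
# sort_order, then opens a dummy WHEN so the rest of the statement still parses.
PAYLOAD = "b2' THEN (SELECT password_hash FROM users WHERE username = 'admin') WHEN 'zz"


def demo_vulnerable():
    conn = make_db()
    reorder_vulnerable(conn, "cat1", ["b1", PAYLOAD])
    return read_sort_orders(conn, "cat1")  # b2's sort_order now holds the hash


def demo_safe():
    conn = make_db()
    reorder_safe(conn, "cat1", ["b1", PAYLOAD])
    return read_sort_orders(conn, "cat1")  # payload matches no board; b2 untouched


if __name__ == "__main__":
    print("vulnerable:", demo_vulnerable())
    print("safe:      ", demo_safe())
```

SQLite's loose typing lets the stolen value land directly in an integer column, which is the simplest "retrieve data" channel. On a strictly typed database such as PostgreSQL the same subquery would instead raise a type error, and the error text or a deliberately slow subquery becomes the channel, which is why the tracked PoC relies on error-based and time-based techniques. Note that the parameterized version neutralizes the payload without any escaping logic; the ID-format check is an extra layer, not the fix.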

Exploits (1)

GitHub · Working PoC · 1 star
by exploitintel · Python PoC
https://github.com/exploitintel/eip-pocs-and-cves/tree/main/CVE-2025-24490


Classification: Working PoC (100%)
Attack Type: SQLi
Complexity: Moderate
Reliability: Reliable
Target: Mattermost Server (Boards / Focalboard Plugin) ≤ 10.4.1, ≤ 10.3.2, ≤ 10.2.2, ≤ 9.11.7; Boards Plugin ≤ v9.0.4
Auth required: yes
Prerequisites: Docker Engine with Compose plugin · Python 3 · jq installed on the host
Analyzed by devstral-2 on Mar 02, 2026


Scores

CVSS v3.1 Base: 9.6 (Critical)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
Attack Vector: Network
EPSS: 0.0041 (percentile 32.3%)

The vector reflects a low-privileged authenticated user (PR:L) reaching data beyond the Boards plugin's own scope (S:C) with full confidentiality and integrity impact but no availability impact.

CISA SSVC (Vulnrichment)

Exploitation: none
Automatable: no
Technical Impact: total

The Exploitation value is CISA's Vulnrichment assessment; the Exploits section above separately tracks a working public PoC.

Lab Environment

Vulnerable image: docker pull ghcr.io/exploitintel/cve-2025-24490-vulnerable:latest

Details

CWE: CWE-89 (Improper Neutralization of Special Elements used in an SQL Command)
Status: published
Products (1): mattermost/mattermost_server 9.11.0 - 9.11.8 (the description above lists 9.11.7 as the last affected 9.11.x release)
Published: Feb 24, 2025
Tracked Since: Feb 18, 2026