CVE-2025-62190 | Mattermost up to 10.11.6/10.12.2/11.0.4 Calls Widget Page cross-site request forgery

A vulnerability identified as problematic has been detected in Mattermost up to 10.11.6/10.12.2/11.0.4. Affected by this issue is some unknown functionality of the component Calls Widget Page. Performing manipulation results in cross-site request forgery.

This vulnerability is known as CVE-2025-62190. Remote exploitation of the attack is possible. No exploit is available.

You should upgrade the affected component.VulDB Recent EntriesRead More