What the vulnerability does
01Description
Mattermost Server versions 10.5.x <= 10.5.9 utilizing the Agents plugin fail to reject empty request bodies which allows users to trick users into clicking malicious links via post actions
CVE-2025-47700
LOW
CVE-2025-47700: AI plugin APIs can be triggered using post actions
CVSS base score
3.5/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Key dates
02Disclosure timeline
August 21, 2025
CVE published
August 21, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-10056 Task Scheduler <= 1.6.3 - Authenticated (Admin+) Blind Server-Side Request Forgery
CVE-2026-41130 Craft CMS has a host header injection leading to SSRF via resource-js endpoint
CVE-2025-62616 AutoGPT has SSRF vulnerability in SendDiscordFileBlock
CVE-2026-45412 MaxKB: Unauthenticated SSRF via Workflow Template Import
CVE-2022-45152
