CVE-2025-3230
Bypass of System Admin User Deactivation Controls for Personal Access Tokens in Mattermost ServerMattermost versions 10.7.x <= 10.7.0, 10.6.x <= 10.6.2, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fails to properly invalidate personal access tokens upon user deactivation, allowing deactivated users to maintain full system access by exploiting access token validation flaws via continued usage of previously issued tokens.
We have discovered 54 live websites that are affected by CVE-2025-3230.
Affected Software
| Product |  Mattermost |
| Category | Message Boards |
| Vulnerable Domains | 54 live websites (13% of Mattermost install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 8 versions ( 12% of all versions) |
Common Weakness Enumeration
CWE-303 Incorrect Implementation of Authentication AlgorithmDetails
- Published - May 30, 2025
- Updated - May 30, 2025
Credits
- eAhmed (finder)
CVE References
CWE References
CWE
Website Distribution by Country
Number of websites using CVE-2025-3230 United States | 7 websites |
 Czech Republic | 9 websites |
 Germany | 9 websites |
 Russia | 8 websites |
 GB | 5 websites |
 France | 3 websites |
 Japan | 2 websites |
 Netherlands | 2 websites |
 Turkmenistan | 2 websites |
Website Distribution by TLD
Number of websites using CVE-2025-3230| .ru | 18 websites |
| .org | 11 websites |
| .com | 5 websites |
| .de | 5 websites |
| .be | 1 websites |
| .fr | 1 websites |
| .net | 1 websites |
| .se | 1 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2025-3230
Top websites that are affected by CVE-2025-3230. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ***********.ru | Russia | *,***,*** | |
| *****.*************.org | GB | *,***,*** | |
| *******************.com |  Singapore | **,***,*** | |
| ******.*************.org | GB | **,***,*** | |
| *****.****.to | Japan | **,***,*** | |
| ****.************.se |  Sweden | **,***,*** | |
| *******.*************.org | GB | **,***,*** | |
| **.********.com | United States | **,***,*** | |
| ****.*************.fm | Netherlands | **,***,*** | |
| *****.****.ru | Czech Republic | **,***,*** |
FAQ
CVE-2025-3230 is Incorrect Implementation of Authentication Algorithm in Mattermost
A total of 54 websites have been identified as vulnerable to CVE-2025-3230, based on global website indexing conducted by WebTechSurvey.
The Mattermost is affected by the CVE-2025-3230 vulnerability.
Mattermost versions up to and including 10.7 are vulnerable to CVE-2025-3230.