2026-03-26 16:16 | CVE-2026-3108 | Mattermost
PUBLISHED | 5.2 | CWE-150

Terminal Escape Injection in mmctl Report Posts Command

Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to sanitize user-controlled post content in the mmctl command's terminal output, which allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences that enable screen manipulation, fake prompts, and clipboard hijacking. Mattermost Advisory ID: MMSA-2026-00599

Problem type

CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences

Affected products

Mattermost

Mattermost

>= 11.2.0, <= 11.2.2 - AFFECTED

>= 10.11.0, <= 10.11.10 - AFFECTED

>= 11.4.0, <= 11.4.0 - AFFECTED

>= 11.3.0, <= 11.3.1 - AFFECTED

11.5.0 - UNAFFECTED

11.2.3 - UNAFFECTED

10.11.11 - UNAFFECTED

11.4.1 - UNAFFECTED

11.3.2 - UNAFFECTED

References

GitHub Security Advisories

GHSA-3439-vqgj-2gcf

Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1...

https://github.com/advisories/GHSA-3439-vqgj-2gcf

Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to sanitize user-controlled post content in the mmctl command's terminal output, which allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences that enable screen manipulation, fake prompts, and clipboard hijacking. Mattermost Advisory ID: MMSA-2026-00599

JSON source

https://cveawg.mitre.org/api/cve/CVE-2026-3108
{
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "cveMetadata": {
    "cveId": "CVE-2026-3108",
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "dateUpdated": "2026-03-26T17:51:15.326Z",
    "dateReserved": "2026-02-24T10:50:40.507Z",
    "datePublished": "2026-03-26T16:16:49.790Z",
    "state": "PUBLISHED"
  },
  "containers": {
    "cna": {
      "providerMetadata": {
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost",
        "dateUpdated": "2026-03-26T16:16:49.790Z"
      },
      "title": "Terminal Escape Injection in mmctl Report Posts Command",
      "descriptions": [
        {
          "lang": "en",
          "value": "Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to sanitize user-controlled post content in the mmctl commands terminal output which allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences that enable screen manipulation, fake prompts, and clipboard hijacking.. Mattermost Advisory ID: MMSA-2026-00599"
        }
      ],
      "affected": [
        {
          "vendor": "Mattermost",
          "product": "Mattermost",
          "defaultStatus": "unaffected",
          "versions": [
            {
              "version": "11.2.0",
              "status": "affected",
              "versionType": "semver",
              "lessThanOrEqual": "11.2.2"
            },
            {
              "version": "10.11.0",
              "status": "affected",
              "versionType": "semver",
              "lessThanOrEqual": "10.11.10"
            },
            {
              "version": "11.4.0",
              "status": "affected",
              "versionType": "semver",
              "lessThanOrEqual": "11.4.0"
            },
            {
              "version": "11.3.0",
              "status": "affected",
              "versionType": "semver",
              "lessThanOrEqual": "11.3.1"
            },
            {
              "version": "11.5.0",
              "status": "unaffected"
            },
            {
              "version": "11.2.3",
              "status": "unaffected"
            },
            {
              "version": "10.11.11",
              "status": "unaffected"
            },
            {
              "version": "11.4.1",
              "status": "unaffected"
            },
            {
              "version": "11.3.2",
              "status": "unaffected"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "lang": "en",
              "description": "CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences",
              "cweId": "CWE-150",
              "type": "CWE"
            }
          ]
        }
      ],
      "references": [
        {
          "url": "https://mattermost.com/security-updates",
          "name": "MMSA-2026-00599",
          "tags": [
            "vendor-advisory"
          ]
        }
      ],
      "metrics": [
        {
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ],
          "cvssV3_1": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "attackVector": "NETWORK",
            "attackComplexity": "HIGH",
            "privilegesRequired": "LOW",
            "userInteraction": "REQUIRED",
            "scope": "CHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "availabilityImpact": "HIGH",
            "baseScore": 8,
            "baseSeverity": "HIGH"
          }
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Update Mattermost to versions 11.5.0, 11.2.3, 10.11.11, 11.4.1, 11.3.2 or higher."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "winfunc",
          "type": "finder"
        }
      ]
    },
    "adp": [
      {
        "providerMetadata": {
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP",
          "dateUpdated": "2026-03-26T17:51:15.326Z"
        },
        "title": "CISA ADP Vulnrichment",
        "metrics": [
          {}
        ]
      }
    ]
  }
}