Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-69pr-78gv-7c6h: Mattermost Improper Validation of Specified Type of Input vulnerability

Mattermost versions 10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x <= 9.11.4, 9.5.x <= 9.5.12 fail to properly validate the type of callProps which allows a user to cause a client side (webapp and mobile) DoS to users of particular channels, by sending a specially crafted post.

ghsa
#vulnerability#web#git#perl
  1. GitHub Advisory Database
  2. GitHub Reviewed
  3. CVE-2024-54083

Mattermost Improper Validation of Specified Type of Input vulnerability

Moderate severity GitHub Reviewed Published Dec 16, 2024 to the GitHub Advisory Database • Updated Dec 16, 2024

Package

gomod github.com/mattermost/mattermost/server/v8 (Go)

Affected versions

>= 10.0.0, < 10.0.3

>= 9.11.0, < 9.11.5

>= 9.5.0, < 9.5.13

>= 10.1.0, < 10.1.3

Patched versions

10.0.3

9.11.5

9.5.13

10.1.3

Published to the GitHub Advisory Database

Dec 16, 2024

Last updated

Dec 16, 2024

ghsa: Latest News

GHSA-cmwp-442x-3rcv: Piranha CMS Cross-site Scripting vulnerability