Mattermost Server versions 9.5.x before 9.5.2, 9.4.x before 9.4.4, 9.3.x before 9.3.3, 8.1.x before 8.1.11 don't limit the number of user preferences which allows an attacker to send a large number of user preferences potentially causing denial of service.
2024-04-05T09:15:09.497
2024-12-12T21:38:08.237
Analyzed
CVSSv3.1: 4.3 (MEDIUM)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | mattermost | mattermost_server | < 8.1.11 | Yes |
Application | mattermost | mattermost_server | < 9.3.3 | Yes |
Application | mattermost | mattermost_server | < 9.4.4 | Yes |
Application | mattermost | mattermost_server | < 9.5.2 | Yes |