Описание
Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6 fail to properly validate synced reactions, when shared channels are enabled, which allows a malicious remote to create arbitrary reactions on arbitrary posts
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| mattermost-server | itp | package |
EPSS
Процентиль: 37%
0.00155
Низкий
Связанные уязвимости
CVSS3: 2.7
nvd
больше 1 года назад
Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6 fail to properly validate synced reactions, when shared channels are enabled, which allows a malicious remote to create arbitrary reactions on arbitrary posts
CVSS3: 2.7
github
больше 1 года назад
Mattermost failed to properly validate synced reactions
EPSS
Процентиль: 37%
0.00155
Низкий