Описание
Mattermost Server vulnerable to Denial of Service through @ character prefix inserted into JavaScript field names
An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, 4.3.4, and 4.2.2. It allows attackers to cause a denial of service (application crash) via an @ character before a JavaScript field name.
Пакеты
github.com/mattermost/mattermost-server
< 4.2.2
4.2.2
github.com/mattermost/mattermost-server
>= 4.3.0-rc1, < 4.3.4
4.3.4
github.com/mattermost/mattermost-server
>= 4.4.0-rc1, < 4.4.5
4.4.5
github.com/mattermost/mattermost-server
>= 4.5.0-rc1, < 4.5.0
4.5.0
Связанные уязвимости
An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, 4.3.4, and 4.2.2. It allows attackers to cause a denial of service (application crash) via an @ character before a JavaScript field name.
An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, 4.3. ...