Описание
Mattermost Playbooks plugin v1.24.0 and earlier fails to properly check the limit on the number of webhooks, which allows authenticated and authorized users to create a specifically drafted Playbook which could trigger a large amount of webhook requests leading to Denial of Service.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.24.0 (включая)
cpe:2.3:a:mattermost:playbooks:*:*:*:*:*:*:*:*
EPSS
Процентиль: 58%
0.00363
Низкий
3.5 Low
CVSS3
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-770
CWE-770
Связанные уязвимости
CVSS3: 6.5
github
почти 4 года назад
Mattermost Playbooks plugin v1.24.0 and earlier fails to properly check the limit on the number of webhooks, which allows authenticated and authorized users to create a specifically drafted Playbook which could trigger a large amount of webhook requests leading to Denial of Service.
EPSS
Процентиль: 58%
0.00363
Низкий
3.5 Low
CVSS3
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-770
CWE-770