First published: Fri Jun 16 2023(Updated: )
Credit: responsibledisclosure@mattermost.com
Affected Software | Affected Version | How to fix |
---|---|---|
Mattermost Mattermost | >=7.8.0<=7.8.3 | |
Mattermost Mattermost | >=7.9.0<=7.9.2 | |
Mattermost Mattermost | =7.10.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2023-2793.
The severity of CVE-2023-2793 is medium.
Mattermost fails to validate links on external websites when constructing a preview for a linked website.
The vulnerability allows an attacker to cause a denial-of-service by linking to a specially crafted webpage in a message.
To fix CVE-2023-2793, update your Mattermost installation to a version that includes the security updates provided by the vendor.