First published: Tue Dec 12 2023(Updated: )
Mattermost fails to to check the length when setting the title in a run checklist in Playbooks, allowing an attacker to send a specially crafted request and crash the Playbooks plugin
Credit: responsibledisclosure@mattermost.com
Affected Software | Affected Version | How to fix |
---|---|---|
Mattermost Mattermost Server | <=7.8.14 | |
Mattermost Mattermost Server | >=8.0.0<=8.1.5 | |
Mattermost Mattermost Server | >=9.0.0<=9.0.3 | |
Mattermost Mattermost Server | >=9.1.1<=9.1.2 | |
Mattermost Mattermost Server | >=9.2.0<=9.2.1 |
Update Mattermost Server to versions 8.1.6, 9.0.4, 9.1.3, 9.2.2 or higher.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.