Mattermost fails to enforce character limits in all possible notification props allowing an attacker toΒ send a really long value for a notification_prop resulting in the server consuming an abnormal quantity of computing resources and possibly becoming temporarily unavailable for its users.
CPE | Name | Operator | Version |
---|---|---|---|
mattermost | ge | 7.0.0 | |
mattermost | lt | 7.8.10 | |
mattermost | ge | 8.1.0 | |
mattermost | lt | 8.1.1 | |
mattermost | ge | 8.0.0 | |
mattermost | lt | 8.0.2 |