GHSA-6MX3-9QFH-77GJ Mattermost denial of service through long emoji value

Mattermost fails to properly validate the length of the emoji value in the custom user status, allowing an attacker to send multiple times a very long string as an emoji value causing high resource consumption and possibly crashing the server...

PT-2024-2031 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions prior to v8.1.9 Description: The issue is related to uncontrolled resource consumption. An attacker can exploit this by setting a custom user status with an emoji value as a very long string, causing high resource...