CVE-2024-29977 Malicious remote can create arbitrary reactions on arbitrary posts

Mattermost versions 9.9.x = 9.9.0, 9.5.x = 9.5.6 fail to properly validate synced reactions, when shared channels are enabled, which allows a malicious remote to create arbitrary reactions on arbitrary posts...

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a security vulnerability that stems from a failure to properly validate synchronized reactions when shared channels are enabled, which allows a malicious remote person to create...