Mattermost: >> Mattermost Server >> 9.2.3 Security Vulnerabilities
Mattermost fails to check if a custom emoji reaction exists when sending it to a post and to limit the amount of custom emojis allowed to be added in a post, allowing an attacker sending a huge amount of non-existent custom emojis in a post to crash the mobile app of a user seeing the post and to crash the server due to overloading when clients attempt to retrive the aforementioned post.
CVSS Score
4.3
EPSS Score
0.003
Published
2024-02-09
Page 2