Teamplus: >> Team+ Pro >> 3.0.4.4 Security Vulnerabilities
Teamplus Pro community discussion function has an ‘allocation of resource without limits or throttling’ vulnerability. A remote attacker with general user privilege posting a thread with large content can cause the receiving client device to allocate too much memory, leading to abnormal termination of this client’s Teamplus Pro application.
CVSS Score
7.7
EPSS Score
0.004
Published
2022-08-02
Teamplus Pro community discussion has an ‘allocation of resource without limits or throttling’ vulnerability on thread subject field. A remote attacker with general user privilege posting a thread subject with large content can cause the server to allocate too much memory, leading to missing partial post content and disrupt partial service.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-08-02
A remote attacker with general user privilege can send a message to Teamplus Pro’s chat group that exceeds message size limit, to terminate other recipients’ Teamplus Pro chat process.
CVSS Score
7.7
EPSS Score
0.003
Published
2022-07-20