CVE-2023-49607
published 2023-12-12CVE-2023-49607: Mattermost fails to validate the type of the "reminder" body request parameter allowing an attacker to crash the Playbook Plugin when updating the status…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
Mattermost fails to validate the type of the "reminder" body request parameter allowing an attacker to crash the Playbook Plugin when updating the status dialog.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mattermost | mattermost | <= 8.1.5 | — |
| mattermost | mattermost_server | <= 7.8.14 | — |
| mattermost | mattermost_server | — | — |
| mattermost | mattermost_server | 8.0.0 – 8.1.5 | — |
| mattermost | mattermost_server | 9.0.0 – 9.0.3 | — |
| mattermost | mattermost_server | 9.1.0 – 9.1.2 | — |
| mattermost | mattermost_server | 9.2.0 – 9.2.1 | — |