CVE-2024-32945
LOWDescription
Mattermost Mobile Apps versions <=2.16.0 fail to protect against abuse of a globally shared MathJax state which allows an attacker to change the contents of a LateX post, by creating another post with specific macro definitions.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| mattermost | mattermost_mobile |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2024-32945? +
How severe is CVE-2024-32945? +
What products are affected by CVE-2024-32945? +
How do I check if I'm vulnerable to CVE-2024-32945? +
Related Vulnerabilities
ESPTouch is a connection protocol for internet of things devices. In the ESPTouchV2 protocol, while there is an option to …
The ctl_write_buffer and ctl_read_buffer functions allocated memory to be returned to userspace, without initializing it. Malicious software running in a …
In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always initialize seqpacket_allow There are two issues around seqpacket_allow: …
ITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted capture file
PAD CMS improperly initializes parameter used for password recovery, which allows to change password for any user that did not …
In the Linux kernel, the following vulnerability has been resolved: wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi() The simple_write_to_buffer() …