CVE-2024-47003
LOWDescription
Mattermost versions 9.11.x <= 9.11.0 and 9.5.x <= 9.5.8 fail to validate that the message of the permalink post is a string, which allows an attacker to send a non-string value as the message of a permalink post and crash the frontend.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| mattermost | mattermost_server |
| mattermost | mattermost_server |
| mattermost | mattermost_server |
| mattermost | mattermost_server |
| mattermost | mattermost_server |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2024-47003? +
How severe is CVE-2024-47003? +
What products are affected by CVE-2024-47003? +
How do I check if I'm vulnerable to CVE-2024-47003? +
Related Vulnerabilities
FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates …
FastGPT is an AI Agent building platform. In versions 4.14.13 and prior, the code-sandbox component suffers from insufficient resource isolation …
Uncontrolled resource consumption vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. The devices improperly handle TLS requests associated with PROCOME sockets, …
Uncontrolled resource consumption vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. The device is vulnerable to a packet flooding denial of …
An uncontrolled resource consumption of file descriptors in SEH Computertechnik utnserver Pro, SEH Computertechnik utnserver ProMAX, SEH Computertechnik INU-100 allows …
A DOS vulnerability in RSFiles! component 1.16.3-1.17.7 Joomla was discovered. The issue allows unauthenticated remote attackers to deny access to …