Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
A specifically drafted Playbook could trigger large amount of webhook requests leading to Denial of Service
Vulnerability Description
Mattermost Playbooks plugin v1.24.0 and earlier fails to properly check the limit on the number of webhooks, which allows authenticated and authorized users to create a specifically drafted Playbook which could trigger a large amount of webhook requests leading to Denial of Service.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
Mattermost 安全漏洞
Vulnerability Description
Mattermost是美国Mattermost公司的一个开源协作平台。 Mattermost Playbooks plugin 1.24.0 版本及之前版本存在安全漏洞,该漏洞源于无法正确检查 webhook 数量的限制,这允许经过身份验证和授权的用户创建一个专门起草的 Playbook,这可能会触发大量导致拒绝服务的 webhook 请求。
CVSS Information
N/A
Vulnerability Type
N/A