Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
LaTeX post content manipulation via renderer state leak across contexts
Vulnerability Description
Mattermost Mobile Apps versions <=2.16.0 fail to protect against abuse of a globally shared MathJax state which allows an attacker to change the contents of a LateX post, by creating another post with specific macro definitions.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N
Vulnerability Type
资源初始化缺失
Vulnerability Title
Mattermost Mobile Apps 安全漏洞
Vulnerability Description
Mattermost Mobile Apps是美国Mattermost公司的一款消息传递移动应用程序。 Mattermost Mobile Apps 2.16.0及之前版本存在安全漏洞,该漏洞源于未能防止滥用全局共享的MathJax状态,导致攻击者可通过创建特定的帖子来更改LateX帖子的内容。
CVSS Information
N/A
Vulnerability Type
N/A