Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
WebApp crash via improper validation of proto style in attachments
Vulnerability Description
Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3 fail to properly validate the style of proto supplied to an action's style in post.props.attachments, which allows an attacker to crash the frontend via crafted malicious input.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
不正确的类型转换
Vulnerability Title
Mattermost 代码问题漏洞
Vulnerability Description
Mattermost是美国Mattermost公司的一个开源协作平台。 Mattermost存在代码问题漏洞,该漏洞源于未能正确验证提供给操作样式的proto样式,允许攻击者通过精心设计的恶意输入使前端崩溃。
CVSS Information
N/A
Vulnerability Type
N/A