We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Mattermost versions 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3 fail to properly validate post types, which allows attackers to deny service to users with the sysconsole_read_plugins permission via creating a post with the custom_pl_notification type and specific props.
Reserved 2025-01-08 | Published 2025-01-09 | Updated 2025-01-09 | Assigner MattermostCWE-1287: Improper Validation of Specified Type of Input
c0rydoras (c0rydoras)
mattermost.com/security-updates
Support options