CVE-2023-49607

Summary

Mattermost fails to validate the type of the "reminder" body request parameter allowing an attacker to crash the Playbook Plugin when updating the status dialog.

Affected Software

VendorProductVersion RangeStatus
MattermostMattermost0 <= 8.1.5affected
MattermostMattermost0 <= 9.0.3affected
MattermostMattermost0 <= 9.1.2affected
MattermostMattermost0 <= 9.2.1affected
MattermostMattermost9.2.2unaffected
MattermostMattermost8.1.6unaffected
MattermostMattermost9.0.4unaffected
MattermostMattermost9.1.3unaffected

Weaknesses

  • CWE-754: CWE-754: Improper Check for Unusual or Exceptional Conditions

ADP Enrichment

CVE Program Container

Additional References

References