Mattermost Denial-of-Service Vulnerability via Malicious Post in Multiple Versions

Vulnerability

A denial-of-service vulnerability has been identified in Mattermost versions 10.2.0, 9.11.5, 10.0.3, and 10.1.3. This issue arises because the application fails to properly validate post properties, allowing a malicious authenticated user to cause a crash by sending a harmful post.

Impact

Exploitation of this vulnerability leads to a crash of the Mattermost application, causing a denial-of-service condition.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

2.5

exploitability

5.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

2.5

exploitability

5.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mattermost Denial-of-Service Vulnerability via Malicious Post in Multiple Versions

Vulnerability

Impact

Affected Products

Mattermost

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating