PT-2026-28425 · Mattermost · Mattermost Plugins
Thecybertantrik · Published 2026-03-26 · Updated 2026-03-26
CVE-2026-3116
CVSS v3.1: 4.9 (Medium)
Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Mattermost Plugins versions 10.11.11.0 through 11.4
Description
The software does not properly check the size of incoming requests, potentially allowing an authenticated attacker to disrupt service through the webhook endpoint. The issue affects the processing of requests sent to the /webhooks API endpoint. The request size is not validated, which can lead to a denial-of-service condition.
Recommendations
Update to a version of Mattermost Plugins greater than 11.4.
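For operators and plugin authors reviewing their own handlers, the following added example (not code from Mattermost or from this advisory) shows the missing control in Go: a request-size cap enforced both on the declared Content-Length and while the body is read. The handler name, the helper `postStatus` and the 1 MiB limit are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
)

// maxWebhookBody is an assumed limit for this example (1 MiB), not a value from the advisory.
const maxWebhookBody = 1 << 20

// webhookHandler is a hypothetical handler standing in for a plugin's /webhooks route.
func webhookHandler(w http.ResponseWriter, r *http.Request) {
	// Reject early when the client declares an oversized body.
	if r.ContentLength > maxWebhookBody {
		http.Error(w, "payload too large", http.StatusRequestEntityTooLarge)
		return
	}
	// Enforce the cap while reading, which also covers bodies with no declared length.
	r.Body = http.MaxBytesReader(w, r.Body, maxWebhookBody)
	body, err := io.ReadAll(r.Body)
	if err != nil {
		var tooBig *http.MaxBytesError
		if errors.As(err, &tooBig) {
			http.Error(w, "payload too large", http.StatusRequestEntityTooLarge)
			return
		}
		http.Error(w, "bad request", http.StatusBadRequest)
		return
	}
	fmt.Fprintf(w, "accepted %d bytes", len(body))
}

// postStatus sends a constructed body of n bytes and returns the response status code.
func postStatus(n int, declareLength bool) int {
	req := httptest.NewRequest(http.MethodPost, "/webhooks", strings.NewReader(strings.Repeat("a", n)))
	if !declareLength {
		req.ContentLength = -1 // unknown length, as with a chunked upload
	}
	rec := httptest.NewRecorder()
	webhookHandler(rec, req)
	return rec.Code
}

func main() {
	fmt.Println(postStatus(512, true), postStatus(maxWebhookBody+1, true), postStatus(maxWebhookBody+1, false))
}
```

Checking Content-Length alone is not sufficient, because a body sent without a declared length bypasses it; the read-time cap is what bounds memory use.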
Fix
Resource Exhaustion
Weakness Enumeration
Related Identifiers
Affected Products
Mattermost Plugins