CVE-2018-21258

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Mattermost Server versions prior to 5.1

Description An issue in Mattermost Server allows attackers to cause a denial of service via the invite people slash command.

Recommendations For versions prior to 5.1, update to version 5.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the invite people slash command until the update is applied.

Fix

DoS

Resource Exhaustion

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400CWE-74

Related Identifiers

CVE-2018-21258

GHSA-5MH6-P63G-3MV5

GO-2025-4146

SUSE-SU-2025:4395-1

Affected Products

Mattermost Server

CVE-2018-21258

Weakness Enumeration

Related Identifiers

Affected Products

References · 49