CVE-2023-5967
Mattermost denial of service vulnerability in go/github.com/mattermost/mattermost-server/v6
Identifiers
GHSA-xvq6-h898-wcj8, CVE-2023-5967
Package Slug
go/github.com/mattermost/mattermost-server/v6
Vulnerability
Mattermost denial of service vulnerability
Description
Mattermost fails to properly validate requests to the Calls plugin, allowing an attacker sending a request without a User Agent header to cause a panic and crash the Calls plugin
Affected Versions
All versions before 7.8.12
Solution
Upgrade to version 7.8.12 or above.
Last Modified
2023-11-09
| source |