VYPR
High severityNVD Advisory· Published Jun 19, 2020· Updated Aug 5, 2024

CVE-2017-18871

CVE-2017-18871

Description

An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, 4.3.4, and 4.2.2. It allows attackers to cause a denial of service (application crash) via an @ character before a JavaScript field name.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/mattermost/mattermost-serverGo
< 4.2.24.2.2
github.com/mattermost/mattermost-serverGo
>= 4.3.0-rc1, < 4.3.44.3.4
github.com/mattermost/mattermost-serverGo
>= 4.4.0-rc1, < 4.4.54.4.5
github.com/mattermost/mattermost-serverGo
>= 4.5.0-rc1, < 4.5.04.5.0

Affected products

4

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.