CVE-2024-28949

Publication date

2024-04-05 08:14:09

Family

Mattermost

State

PUBLISHED

Description

Mattermost Server versions 9.5.x before 9.5.2, 9.4.x before 9.4.4, 9.3.x before 9.3.3, 8.1.x before 8.1.11 dont limit the number of user preferences which allows an attacker to send a large number of user preferences potentially causing denial of service.