CVE-2024-24988 Information

Description

Mattermost fails to properly validate the length of the emoji value in the custom user status allowing an attacker to send multiple times a very long string as an emoji value causing high resource consumption and possibly crashing the server.

Reference

https://mattermost.com/security-updates