CVE-2024-4182 Information

Description

Mattermost versions 9.6.0 9.5.x before 9.5.3 9.4.x before 9.4.5 and 8.1.x before 8.1.12 fail to handle JSON parsing errors in custom status values which allows an authenticated attacker to crash other users’ web clients via a malformed custom status.

Reference

https://mattermost.com/security-updates