Client-Side Crash Vulnerability in Mattermost 6.0 and Earlier

Client-Side Crash Vulnerability in Mattermost 6.0 and Earlier

CVE-2021-37863 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

Mattermost 6.0 and earlier fails to sufficiently validate parameters during post creation, which allows authenticated attackers to cause a client-side crash of the web application via a maliciously crafted post.

Learn more about our Web App Pen Testing.