Loading HuntDB...

GHSA-478w-7mxw-36gh

GitHub Security Advisory

⚠ Unreviewed MODERATE Has CVE

Advisory Details

Mattermost fails to handle a null request body in the /add endpoint, allowing a simple member to send a request with null request body to that endpoint and make it crash. After a few repetitions, the plugin is disabled. 

Related CVEs

Key Information

GHSA ID
GHSA-478w-7mxw-36gh
Published
December 12, 2023 9:30 AM
Last Modified
December 14, 2023 9:31 PM
CVSS Score
5.0 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: August 2, 2025 6:46 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.