Mattermost Plugin Channel Export versions <=1.0.0 fail to restrict concurrent runs of the /export command which allows a user to consume excessive resource by running the /export command multiple times at once.

Affected Packages

Go github.com/mattermost/mattermost-plugin-channel-export

Affected versions: 0 (fixed in 1.0.1)

Related CVEs

CVE-2024-43105

Key Information

GHSA ID

GHSA-869f-px86-vj84

Published

August 23, 2024 9:30 AM

Last Modified

August 23, 2024 9:17 PM

CVSS Score

5.0 /10

Primary Ecosystem

Primary Package

github.com/mattermost/mattermost-plugin-channel-export

GitHub Reviewed

✓ Yes

Dataset

Last updated: August 2, 2025 6:46 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.