CVE-2023-5522

Mattermost Mobile fails to limit the maximum number of Markdown elements in a post allowing an attacker to send a post with hundreds of emojis to a channel and freeze the mobile app of users when viewing that particular channel.

Published: Oct 17, 2023
Updated: Oct 25, 2023
CVE: CVE-2023-5522
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.3
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
mattermost / mattermost	-	2.8.0

https://mattermost.com/security-updates

Vulnerability Database

289,871

CVE-2023-5522