CVE-2024-4183

Vulnerability Description

Mattermost versions 8.1.x before 8.1.12, 9.6.x before 9.6.1, 9.5.x before 9.5.3, 9.4.x before 9.4.5 fail to limit the number of active sessions, which allows an authenticated attacker to crash the server via repeated requests to the getSessions API after flooding the sessions table.

Vulnerability Details

Published Date

April 26, 2024

Last Modified

May 12, 2025

Source

NVD

CVE-2024-4183

Vulnerability Description

Vulnerability Details

Discussion (0)

Add Comment