Mattermost fails to validate links on external websites when constructing a preview for a linked website, allowing an attacker to cause a denial-of-service by a linking to a specially crafted webpage in a message.
{
"versions": [
{
"introduced": "7.8.0"
},
{
"last_affected": "7.8.3"
},
{
"introduced": "7.9.0"
},
{
"last_affected": "7.9.2"
},
{
"introduced": "0"
},
{
"last_affected": "7.10.0"
}
]
}