Early Access — Mondoo Vulnerability Intelligence is currently in preview.
Mattermost Desktop App versions <= 5.13.0 fail to validate URLs external to the configured Mattermost servers, allowing an attacker on a server the user has configured to crash the user's application by sending the user a malformed URL.
Exploitability
AV:NAC:LPR:LUI:RScope
S:UImpact
C:NI:NA:L3.5/CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:LOther