Affected by GO-2022-0540
and 17 other vulnerabilities
GO-2022-0540: Mattermost users could access some sensitive information via API call in github.com/mattermost/mattermost-server
GO-2022-0576: Insecure plugin handling in Mattermost in github.com/mattermost/mattermost-server
GO-2022-0595: Resource exhaustion in Mattermost in github.com/mattermost/mattermost-server
GO-2022-0599: Improper Control of a Resource Through its Lifetime in Mattermost in github.com/mattermost/mattermost-server
GO-2022-0604: Cross-site Scripting in Mattermost in github.com/mattermost/mattermost-server
GO-2022-0616: Improper Privilege Management in Mattermost in github.com/mattermost/mattermost-server
GO-2023-1939: Mattermost Server Sensitive Data Exposure in github.com/mattermost/mattermost
GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server
GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server
GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server
GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server
GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server
GO-2024-3164: Mattermost fails to strip `embeds` from `metadata` when broadcasting `posted` events in github.com/mattermost/mattermost-server
GO-2024-3227: Mattermost incorrectly issues two sessions when using desktop SSO in github.com/mattermost/mattermost-server
GO-2024-3232: Mattermost Server allows user to get private channel names in github.com/mattermost/mattermost-server
GO-2024-3233: Mattermost Server Path Traversal vulnerability that leads to Cross-Site Request Forgery in github.com/mattermost/mattermost-server
GO-2024-3234: Mattermost Server vulnerable to application crash from attacker-generated large response in github.com/mattermost/mattermost-server
GO-2024-3235: Mattermost server allows authenticated user to delete arbitrary post in github.com/mattermost/mattermost-server
The highest tagged major version is
v6.
directory
Version:
v5.11.1+incompatible
Opens a new window with list of versions in this module.
Published: Jun 11, 2019
License: AGPL-3.0, Apache-2.0
Opens a new window with license information.
Directories
¶
Click to show internal directories.
Click to hide internal directories.