GO-2024-2444 : Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server
GO-2024-2446 : Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server
GO-2024-2448 : Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server
GO-2024-2450 : Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server
GO-2024-2541 : Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server
GO-2024-2566 : Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server
GO-2024-2588 : Mattermost race condition in github.com/mattermost/mattermost-server
GO-2024-2589 : Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server
GO-2024-2590 : Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server
GO-2024-2591 : Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server
GO-2024-2592 : Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server
GO-2024-2593 : Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server
GO-2024-2594 : Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server
GO-2024-2595 : Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server
GO-2024-2635 : Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server
GO-2024-2695 : Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server
GO-2024-2696 : Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server
GO-2024-2706 : Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server
GO-2024-2707 : Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server
The highest tagged major version is
v6 .
README
¶
Mattermost is an open source, private cloud, Slack-alternative from https://mattermost.com .
It's written in Golang and React and runs as a single Linux binary with MySQL or PostgreSQL. Every month on the 16th a new compiled version is released under an MIT license .
Try out Mattermost
Deploy on Heroku
Note: Heroku preview does not include email or persistent storage
Auto-deploy Mattermost to Amazon Web Services, Azure, Google Cloud Platform, or Oracle Cloud Platform via Bitnami.
Install on Your Own Machine
Native Mobile and Desktop Apps
In addition to the web interface, you can also download Mattermost clients for Android , iOS , Windows PC , Mac OSX , and Linux .
Get Security Bulletins
Receive notifications of critical security updates. The sophistication of online attackers is perpetually increasing. If you are deploying Mattermost it is highly recommended you subscribe to the Mattermost Security Bulletin mailing list for updates on critical security releases.
Get Involved
Learn More
Get the Latest News
Any other questions, mail us at info@mattermost.com . We’d love to meet you!
Expand ▾
Collapse ▴
Directories
¶
Installing a managed plugin consists of copying the uploaded plugin (*.tar.gz) to the filestore, unpacking to the configured local directory (PluginSettings.Directory), and copying any webapp bundle therein to the configured local client directory (PluginSettings.ClientDirectory).
Installing a managed plugin consists of copying the uploaded plugin (*.tar.gz) to the filestore, unpacking to the configured local directory (PluginSettings.Directory), and copying any webapp bundle therein to the configured local client directory (PluginSettings.ClientDirectory).
build
cmd
The plugin package is used by Mattermost server plugins written in go.
The plugin package is used by Mattermost server plugins written in go.
plugintest
The plugintest package provides mocks that can be used to test plugins.
The plugintest package provides mocks that can be used to test plugins.
plugintest/mock
This package provides aliases for the contents of "github.com/stretchr/testify/mock".
This package provides aliases for the contents of "github.com/stretchr/testify/mock".
services
Package testlib exposes helper methods for running unit tests against a containerized test store.
Package testlib exposes helper methods for running unit tests against a containerized test store.
markdown
This package implements a parser for the subset of the CommonMark spec necessary for us to do server-side processing.
This package implements a parser for the subset of the CommonMark spec necessary for us to do server-side processing.
Click to show internal directories.
Click to hide internal directories.