Affected by GO-2022-0540
and 17 other vulnerabilities
GO-2022-0540: Mattermost users could access some sensitive information via API call in github.com/mattermost/mattermost-server
GO-2022-0576: Insecure plugin handling in Mattermost in github.com/mattermost/mattermost-server
GO-2022-0595: Resource exhaustion in Mattermost in github.com/mattermost/mattermost-server
GO-2022-0599: Improper Control of a Resource Through its Lifetime in Mattermost in github.com/mattermost/mattermost-server
GO-2022-0604: Cross-site Scripting in Mattermost in github.com/mattermost/mattermost-server
GO-2022-0616: Improper Privilege Management in Mattermost in github.com/mattermost/mattermost-server
GO-2023-1939: Mattermost Server Sensitive Data Exposure in github.com/mattermost/mattermost
GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server
GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server
GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server
GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server
GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server
GO-2024-3164: Mattermost fails to strip `embeds` from `metadata` when broadcasting `posted` events in github.com/mattermost/mattermost-server
GO-2024-3227: Mattermost incorrectly issues two sessions when using desktop SSO in github.com/mattermost/mattermost-server
GO-2024-3232: Mattermost Server allows user to get private channel names in github.com/mattermost/mattermost-server
GO-2024-3233: Mattermost Server Path Traversal vulnerability that leads to Cross-Site Request Forgery in github.com/mattermost/mattermost-server
GO-2024-3234: Mattermost Server vulnerable to application crash from attacker-generated large response in github.com/mattermost/mattermost-server
GO-2024-3235: Mattermost server allows authenticated user to delete arbitrary post in github.com/mattermost/mattermost-server
The highest tagged major version is
v6.
module
Version:
v3.10.0+incompatible
Opens a new window with list of versions in this module.
Published: Jun 13, 2017
License: AGPL-3.0, Apache-2.0
Opens a new window with license information.
README
¶
Mattermost
Mattermost is an open source, self-hosted Slack-alternative from https://mattermost.org.
It's written in Golang and React and runs as a single Linux binary with MySQL or Postgres. Every month on the 16th a new compiled version is released under an MIT license.
Try out Mattermost:
Deploy on Heroku
Note: Heroku preview does not include email or persistent storage
Install on your own machine:
Get Involved:
Learn More:
Get the Latest News:
Any other questions, mail us at info@mattermost.com. We’d love to meet you!
Directories
¶
|
|
|
|
|
|
cmd
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Click to show internal directories.
Click to hide internal directories.