Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

go

github.com/mattermost/mattermost-server

go

View on github.com · View on proxy.golang.org

Security Advisories for github.com/mattermost/mattermost-server in go

Moderate
19 days ago

Mattermost has a Missing Authorization vulnerability GSA_kwCzR0hTQS03Y3IzLTM4am0tNnA0Nc4ABNex

go github.com/mattermost/mattermost-server, github.com/mattermost/mattermost/server/v8
Low
19 days ago

Mattermost has an Observable Timing Discrepancy vulnerability GSA_kwCzR0hTQS14cjN3LXJtdmotZjZtN84ABNeq

go github.com/mattermost/mattermost-server, github.com/mattermost/mattermost/server/v8
Moderate
19 days ago

Mattermost has a Missing Authorization vulnerability GSA_kwCzR0hTQS0zcTRxLXdxbTYtaHZmM84ABNe5

go github.com/mattermost/mattermost-server, github.com/mattermost/mattermost/server/v8
High
19 days ago

Mattermost has a Missing Authorization vulnerability GSA_kwCzR0hTQS02cTdtLXA4Y2MtOTk4cs4ABNe_

go github.com/mattermost/mattermost-server, github.com/mattermost/mattermost/server/v8
Low
19 days ago

Mattermost has an Incorrect Authorization vulnerability GSA_kwCzR0hTQS00MjRoLXhqODctbTkzN84ABNe8

go github.com/mattermost/mattermost-server, github.com/mattermost/mattermost/server/v8
High
19 days ago

Mattermost has a Missing Authorization vulnerability GSA_kwCzR0hTQS1yNnFqLTg5NGYtNWhyMs4ABNe1

go github.com/mattermost/mattermost-server, github.com/mattermost/mattermost/server/v8
Low
about 2 months ago

Mattermost boards plugin fails to restrict download access to files GSA_kwCzR0hTQS1mNzJnLTUydjctbWczcM4ABMZr

go github.com/mattermost/mattermost-server, github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-plugin-boards
High
about 2 months ago

Mattermost Path Traversal vulnerability GSA_kwCzR0hTQS1xeDNmLTZ2cTMtOGo4bc4ABMZt

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Moderate
about 2 months ago

Mattermost makes Use of Weak Hash GSA_kwCzR0hTQS05cDkyLXg3N3ctOWZ3Ms4ABMEa

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Low
about 2 months ago

Mattermost Open Redirect vulnerability GSA_kwCzR0hTQS1obTk1LWp4NjYtZzJnaM4ABMER

go github.com/mattermost/mattermost-server, github.com/mattermost/mattermost/server/v8
High
about 2 months ago

Mattermost Open Redirect vulnerability GSA_kwCzR0hTQS02OWo4LXByeDItdng5OM4ABMEQ

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Moderate
about 2 months ago

Mattermost Missing Authorization vulnerability GSA_kwCzR0hTQS0zdmNtLWM0MnAtM2hoZs4ABMEP

go github.com/mattermost/mattermost-server, github.com/mattermost/mattermost/server/v8
Moderate
2 months ago

Mattermost Fails to Sanitize File Names GSA_kwCzR0hTQS1wajZmLXJjOTQtZ3c1M84ABLUh

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Moderate
2 months ago

Mattermost has Potential Server Crash due to Unvalidated Import Data GSA_kwCzR0hTQS1oNDY5LTRmY2YtcDIzaM4ABLUR

go github.com/mattermost/mattermost-server, github.com/mattermost/mattermost/server/v8
Moderate
2 months ago

Mattermost Fails to Sanitize Path Traversal Sequences GSA_kwCzR0hTQS14NjdjLXY4anItcDI5cs4ABLTm

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Moderate
2 months ago

Mattermost Fails to Validate File Paths GSA_kwCzR0hTQS1ncTNyLTU4MzMtNTUzMs4ABLTi

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Moderate
2 months ago

Mattermost Fails to Validate Remote Cluster Upload Sessions GSA_kwCzR0hTQS1xNDUzLTYzOGMtaDRtcs4ABLTn

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Low
2 months ago

Mattermost Fails to Properly Validate Team Role Modification GSA_kwCzR0hTQS00Mjc2LWNtOGMtNzg4aM4ABLTj

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Low
2 months ago

Mattermost Server SSRF Vulnerability via the Agents Plugin GSA_kwCzR0hTQS12cXdoLTVqaGgtdmM5cM4ABLTk

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Moderate
2 months ago

Mattermost Does Not Sanitize the Team Invite ID GSA_kwCzR0hTQS1xajQ3LXc5ZjItcWc0NM4ABLTl

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Low
2 months ago

Mattermost Lack of Access Control Validation GSA_kwCzR0hTQS1wd3ZyLWdycWctN3ZwMs4ABLTo

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Low
4 months ago

Mattermost has Insufficiently Protected Credentials GSA_kwCzR0hTQS00ZndqLTg1OTUtd3AyNc4ABKRo

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Moderate
4 months ago

Mattermost Path Traversal vulnerability GSA_kwCzR0hTQS13dncyLTNqaDQtNGMzOc4ABKRq

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Moderate
4 months ago

Mattermost Missing Authentication for Critical Function GSA_kwCzR0hTQS03aDM0LTljaHItNThxaM4ABKRa

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Moderate
4 months ago

Mattermost Incorrect Authorization vulnerability GSA_kwCzR0hTQS12OGZyLXZ4bXctNm1mNs4ABJkm

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Moderate
4 months ago

Mattermost Incorrect Authorization vulnerability GSA_kwCzR0hTQS13Z3ZwLWpqNHctODhoZs4ABJkw

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Moderate
5 months ago

Mattermost allows an unauthorized Guest user access to Playbook GSA_kwCzR0hTQS00NTc4LTZnamgtZjJqbc4ABJTD

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Moderate
5 months ago

Mattermost allows unauthorized channel member management through playbook runs GSA_kwCzR0hTQS1xd3dtLWM1ODItODJyeM4ABJTJ

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Critical
5 months ago

Mattermost allows authenticated users to write files to arbitrary locations GSA_kwCzR0hTQS1xaDU4LTl2M2otd2NqY84ABJSQ

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Low
5 months ago

Mattermost allows guest users to view information about public teams they are not members of GSA_kwCzR0hTQS1qd2h3LXhmNXYtcWd4Y84ABI-z

go github.com/mattermost/mattermost-server, github.com/mattermost/mattermost/server/v8
Moderate
5 months ago

Mattermost allows authenticated administrator to execute LDAP search filter injection GSA_kwCzR0hTQS00cjY3LTR4NHAtZnByZ84ABI-v

go github.com/mattermost/mattermost-server, github.com/mattermost/mattermost/server/v8
Moderate
7 months ago

Mattermost Fails to Restrict Certain Operations on System Admins GSA_kwCzR0hTQS0zMjJ2LXZoMmctcXZwds4ABGvR

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Moderate
8 months ago

Mattermost allows members with permission to convert public channels to private and convert private to public GSA_kwCzR0hTQS1oNXY5LXh3MmctN2hycc4ABFxA

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Low
over 1 year ago

Mattermost allows team admins to promote guests to team admins GSA_kwCzR0hTQS01Zmg3LTdtdzctbW14Nc4AA7VJ

go github.com/mattermost/mattermost-server
Moderate
over 1 year ago

Mattermost crashes web clients via a malformed custom status GSA_kwCzR0hTQS04Zjk5LWcycGoteDh3M84AA7VG

go github.com/mattermost/mattermost-server
Moderate
over 1 year ago

Mattermost fails to limit the number of active sessions GSA_kwCzR0hTQS13ajM3LW1wcTkteHJjbc4AA7VH

go github.com/mattermost/mattermost-server
Moderate
over 1 year ago

Mattermost's detailed error messages reveal the full file path GSA_kwCzR0hTQS12eDk3LThxOHEtcWdxNc4AA7VB

go github.com/mattermost/mattermost-server
Low
over 1 year ago

Mattermost fails to limit the size of a request path GSA_kwCzR0hTQS1wMndxLTRnZ3AtNDVmM84AA7U_

go github.com/mattermost/mattermost-server
Low
over 1 year ago

Mattermost fails to fully validate role changes GSA_kwCzR0hTQS01cXg5LTlmZmotNXI4Zs4AA7VE

go github.com/mattermost/mattermost-server
Moderate
over 2 years ago

Mattermost fails to properly authentication inviter's permissions to private channel GSA_kwCzR0hTQS05aGo3LXY1NmctcmhmNs4AAyey

go github.com/mattermost/mattermost-server/v6, github.com/mattermost/mattermost-server/v5, github.com/mattermost/mattermost-server
Moderate
over 2 years ago

Mattermost vulnerable to information disclosure GSA_kwCzR0hTQS0zd3E1LTNmNTYtdjV4Y84AAyex

go github.com/mattermost/mattermost-server, github.com/mattermost/mattermost-server/v6
Moderate
over 2 years ago

Mattermost vulnerable to cross-site scripting (XSS) GSA_kwCzR0hTQS02M2YyLTY5NTktMnB4as4AAye3

go github.com/mattermost/mattermost-server/v6, github.com/mattermost/mattermost-server/v5, github.com/mattermost/mattermost-server
Moderate
over 2 years ago

Mattermost vulnerable to information disclosure GSA_kwCzR0hTQS04amhoLTNqZjItcGZ3cs4AAyez

go github.com/mattermost/mattermost-server/v6, github.com/mattermost/mattermost-server/v5, github.com/mattermost/mattermost-server
Moderate
almost 3 years ago

Denial of service in Mattermost GSA_kwCzR0hTQS12NDJmLWhxNzgtOGM1bc4AAwBK

go github.com/mattermost/mattermost-server
Moderate
almost 3 years ago

Denial of service in Mattermost GSA_kwCzR0hTQS01anBoLXdycTctdjloZs4AAwBJ

go github.com/mattermost/mattermost-server
Moderate
over 3 years ago

Uncontrolled Resource Consumption in Mattermost server GSA_kwCzR0hTQS1nd3BmLTk1amMtNjNyds4AArUl

go github.com/mattermost/mattermost-server
Moderate
over 3 years ago

Mattermost Server's OAuth 2.0 service is vulnerable to attack through Missing Authorization GSA_kwCzR0hTQS1oZ3JwLWZnbTgtNTZnOM4AAlD1

go github.com/mattermost/mattermost-server
Moderate
over 3 years ago

Mattermost Server exposes information stored by a web browser GSA_kwCzR0hTQS01cTM3LTk4NzQtcXhjd84AAlD_

go github.com/mattermost/mattermost-server
Moderate
over 3 years ago

Mattermost Server allows XSS via redirect URL GSA_kwCzR0hTQS0yajljLTc2cHAteGM1cc4AAlD2

go github.com/mattermost/mattermost-server
Moderate
over 3 years ago

Mattermost Server: Files may be rendered inline instead of downloaded, allowing script execution GSA_kwCzR0hTQS1ybTI0LTI1eG0tOTQ1NM4AAlDq

go github.com/mattermost/mattermost-server
Moderate
over 3 years ago

Mattermost Server is vulnerable to XSS through crafted links GSA_kwCzR0hTQS1tNzhyLTJ4NnctcXFqcM4AAlDu

go github.com/mattermost/mattermost-server
Moderate
over 3 years ago

Mattermost Server exposes account details to any Team Administrator GSA_kwCzR0hTQS1nM2YzLXA5cmMtNzc1cM4AAlDy

go github.com/mattermost/mattermost-server
Moderate
over 3 years ago

Mattermost Server allows XSS via CSRF GSA_kwCzR0hTQS12dzU3LTU1ZjgtYzczcc4AAlD6

go github.com/mattermost/mattermost-server
Low
over 3 years ago

Mattermost Server allows System Admin to modify LDAP account names and email addresses GSA_kwCzR0hTQS1tajh2LTc3M3ctNXFoas4AAlDn

go github.com/mattermost/mattermost-server
High
over 3 years ago

Mattermost Server: Insufficient Password-Reset Link Invalidation GSA_kwCzR0hTQS1qMjZnLTk1cGgtMm13ds4AAlEG

go github.com/mattermost/mattermost-server
Moderate
over 3 years ago

Mattermost Server is vulnerable to XSS through customizable theme color-code values GSA_kwCzR0hTQS1oOHF3LXhxbTktcTY2as4AAlDp

go github.com/mattermost/mattermost-server
High
over 3 years ago

Mattermost Server does not enforce rate limits on password change attempts GSA_kwCzR0hTQS1xcmY2LWg1ZmMtN205Ns4AAlD8

go github.com/mattermost/mattermost-server
High
over 3 years ago

Mattermost Server: initial_load API exposes unnecessary information GSA_kwCzR0hTQS1yOTNqLTNtbXAtcHg1N84AAlDz

go github.com/mattermost/mattermost-server
Moderate
over 3 years ago

Mattermost Server is vulnerable to Uncontrolled Resource Consumption GSA_kwCzR0hTQS1mZmNjLXFyMnYtM3Ftds4AAlEI

go github.com/mattermost/mattermost-server
Moderate
over 3 years ago

Mattermost Server's Session ID and Session Token are potentially compromised GSA_kwCzR0hTQS00M202LXd2YzgtMm03as4AAlDt

go github.com/mattermost/mattermost-server
Moderate
over 3 years ago

Mattermost Server is vulnerable to XSS via a Legal or Support setting GSA_kwCzR0hTQS05anJ4LWZncm0tOTZxaM4AAlDo

go github.com/mattermost/mattermost-server
Moderate
over 3 years ago

Mattermost Server exposes sensitive information about team URLs via an API GSA_kwCzR0hTQS1xM2c5LWhncngtaHdoeM4AAlEL

go github.com/mattermost/mattermost-server
High
over 3 years ago

Mattermost Server does not check if cookies are used over SSL GSA_kwCzR0hTQS0zNzlwLTM3eGMtcTk2M84AAlEE

go github.com/mattermost/mattermost-server
Moderate
over 3 years ago

Mattermost Server exposes sensitive information via its System Console UI GSA_kwCzR0hTQS05dzR2LTljOTktaHY3cs4AAlDk

go github.com/mattermost/mattermost-server
Moderate
over 3 years ago

Mattermost Server is vulnerable to XSS through lack of link relationship attributes `noreferrer` and `noopener` GSA_kwCzR0hTQS1oM3FnLXc5ajUtd2gzbc4AAlEC

go github.com/mattermost/mattermost-server
Moderate
over 3 years ago

Mattermost Server is vulnerable to Code Injection through its LDAP fields GSA_kwCzR0hTQS03dm13LTZjN2gtcnJyds4AAlD4

go github.com/mattermost/mattermost-server
Moderate
over 3 years ago

Mattermost Server vulnerable to Cross-site Scripting through file preview feature GSA_kwCzR0hTQS1jZmZqLTd3NWMtanFqaM4AAlDh

go github.com/mattermost/mattermost-server

Filter by Severity

Moderate 45 Low 13 High 8 Critical 1