Affected by GO-2025-4247
and 3 other vulnerabilities
GO-2025-4247: Mattermost GitHub Plugin Bot Identity Validation Bypass Allows Arbitrary GitHub Reaction Injection in github.com/mattermost/mattermost
GO-2026-5833: Mattermost doesn't validate user-supplied input in API request handlers in github.com/mattermost/mattermost-plugin-github
GO-2026-5836: Mattermost doesn't enforce request body size limits on plugin HTTP endpoints in github.com/mattermost/mattermost-plugin-github
GO-2026-5839: Mattermost allows authenticated users to gain access to private repositories in github.com/mattermost/mattermost-plugin-github
command
Version:
v0.12.0
Opens a new window with list of versions in this module.
Published: Oct 25, 2019
License: Apache-2.0
Opens a new window with license information.
Imports: 6
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Click to show internal directories.
Click to hide internal directories.