Affected by GO-2025-4247
and 3 other vulnerabilities
GO-2025-4247: Mattermost GitHub Plugin Bot Identity Validation Bypass Allows Arbitrary GitHub Reaction Injection in github.com/mattermost/mattermost
GO-2026-5833: Mattermost doesn't validate user-supplied input in API request handlers in github.com/mattermost/mattermost-plugin-github
GO-2026-5836: Mattermost doesn't enforce request body size limits on plugin HTTP endpoints in github.com/mattermost/mattermost-plugin-github
GO-2026-5839: Mattermost allows authenticated users to gain access to private repositories in github.com/mattermost/mattermost-plugin-github
directory
Version:
v0.9.2
Opens a new window with list of versions in this module.
Published: Jun 5, 2019
License: Apache-2.0
Opens a new window with license information.
Directories
¶
Click to show internal directories.
Click to hide internal directories.