Why Go
- Case Studies
  
  Common problems companies solve with Go
- Use Cases
  
  Stories about how and why companies use Go
- Security Policy
  
  How Go can help keep you secure by default
Learn
Docs
- Effective Go
  
  Tips for writing clear, performant, and idiomatic Go code
- Go User Manual
  
  A complete introduction to building software with Go
- Standard library
  
  Reference documentation for Go's standard library
- Release Notes
  
  Learn what's new in each Go release
Packages
Community
- Recorded Talks
  
  Videos from prior events
- Meetups
  
  Meet other local Go developers
- Conferences
  
  Learn and network with Go developers from around the world
- Go blog
  
  The Go project's official blog.
- Go project
  
  Get help and stay informed from Go
- Get connected

configservice

package

Go to main page

Versions in this module

v5

v5.39.3

Dec 15, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.39.2

Nov 2, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.39.1

Oct 20, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.39.0

Sep 8, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.38.4

Nov 2, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.38.3

Oct 20, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.38.2

Aug 25, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.38.1

Aug 18, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.38.0

Aug 16, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.37.10

Aug 31, 2022 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.37.9

Mar 9, 2022 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.37.8

Feb 2, 2022 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.37.7

Jan 18, 2022 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.37.6

Dec 15, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.37.5

Nov 23, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.37.4

Nov 12, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.37.3

Oct 20, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.37.2

Aug 25, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.37.1

Jul 28, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.37.0

Jul 13, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.36.2

Jul 29, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.36.1

Jun 17, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.36.0

Jun 10, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.35.5

Jul 28, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.35.4

Jun 17, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.35.3

Jun 10, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.35.2

Jun 2, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.35.1

May 17, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.35.0

May 12, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.34.5

Jun 17, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.34.4

Jun 10, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.34.3

May 23, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.34.2

Apr 16, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.34.1

Apr 15, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.34.0

Apr 13, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.33.5

Jun 10, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.33.4

May 23, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.33.3

Mar 25, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.33.2

Mar 24, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.33.1

Mar 18, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.33.0

Mar 15, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.32.1

Feb 17, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.32.0

Feb 10, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.31.9

Jul 28, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.31.8

Jun 22, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.31.7

Jun 11, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.31.6

Jun 9, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.31.5

May 11, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.31.4

Apr 7, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.31.3

Apr 1, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.31.2

Mar 24, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.31.1

Feb 4, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.31.0

Jan 14, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.30.3

Jan 14, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.30.2

Jan 14, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.30.1

Dec 16, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.30.0

Dec 16, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.29.2

Jan 16, 2021 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.29.1

Dec 2, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.29.1-rc3

Dec 2, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.29.1-rc2

Dec 2, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.29.0

Nov 10, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.29.0-rc4

Dec 1, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.29.0-rc3

Nov 10, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.29.0-rc2

Nov 10, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.29.0-rc1

Oct 31, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.28.2

Dec 2, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.28.1

Oct 16, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.28.1-rc2

Oct 16, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.28.1-rc1

Oct 16, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.28.0

Oct 15, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.28.0-rc2

Oct 13, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.28.0-rc1

Oct 2, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.27.2

Dec 1, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.27.1

Oct 16, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.27.1-rc1

Oct 16, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.27.0

Sep 10, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.27.0-rc2

Sep 10, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.27.0-rc1

Aug 26, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.26.2

Sep 3, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.26.2-rc1

Sep 2, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.26.1

Aug 18, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.26.1-rc3

Aug 18, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.26.1-rc2

Aug 18, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.26.1-rc1

Aug 18, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.26.0

Aug 11, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.26.0-rc2

Aug 11, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.26.0-rc1

Aug 2, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.25.6

Nov 9, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.25.6-rc2

Nov 9, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.25.6-rc1

Nov 3, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.25.5

Sep 3, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.25.5-rc1

Sep 2, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.25.4

Aug 25, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.25.4-rc4

Aug 25, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.25.4-rc3

Aug 18, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.25.4-rc2

Aug 18, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.25.4-rc1

Aug 18, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.25.3

Aug 11, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.25.3-rc1

Aug 11, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.25.2

Jul 23, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.25.2-rc1

Jul 23, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.25.1

Jul 23, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.25.1-rc1

Jul 23, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.25.0

Jul 10, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.25.0-rc2

Jul 10, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.25.0-rc1

Jun 29, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.24.3

Jul 23, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.24.3-rc1

Jul 23, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.24.2

Jun 26, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.24.2-rc1

Jun 26, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.24.1

Jun 18, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.24.1-rc1

Jun 18, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.24.0

Jun 16, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.24.0-rc4

Jun 16, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.24.0-rc3

Jun 11, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.24.0-rc2

Jun 9, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.24.0-rc1

Jun 3, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.23.2

Jul 23, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.23.2-rc1

Jul 23, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.23.1

Jun 1, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.23.1-rc1

Jun 1, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.23.0

May 12, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.23.0-rc4

May 12, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.23.0-rc3

May 6, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.23.0-rc2

May 1, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.23.0-rc1

Apr 30, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.22.3

May 9, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.22.3-rc1

May 9, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.22.2

May 2, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.22.2-rc1

May 2, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.22.1

Apr 22, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.22.1-rc1

Apr 22, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.22.0

Apr 15, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.22.0-rc3

Apr 14, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.22.0-rc2

Apr 13, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.22.0-rc1

Apr 3, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.21.0

Mar 10, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.21.0-rc3

Mar 10, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.21.0-rc2

Mar 10, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.21.0-rc1

Feb 28, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.20.2

Feb 16, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.20.2-rc1

Feb 16, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.20.1

Feb 16, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.20.1-rc1

Feb 16, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.20.0

Feb 14, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.20.0-rc5

Feb 13, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.20.0-rc4

Feb 12, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.20.0-rc3

Feb 5, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.20.0-rc2

Feb 4, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.20.0-rc1

Jan 30, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.19.3

May 14, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.19.3-rc1

May 14, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.19.2

Apr 20, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.19.1

Jan 17, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.19.1-rc1

Jan 17, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.19.0

Jan 14, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.19.0-rc3

Jan 14, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.19.0-rc2

Jan 3, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.19.0-rc1

Dec 19, 2019 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.18.2

Jan 16, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.18.2-rc1

Jan 16, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.18.1

Jan 7, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.18.1-rc1

Jan 7, 2020 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.18.0

Dec 13, 2019 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

Changes in this version

+ type ConfigService interface

+ AddConfigListener func(func(old, current *model.Config)) string

+ AsymmetricSigningKey func() *ecdsa.PrivateKey

+ Config func() *model.Config

+ RemoveConfigListener func(string)

v5.18.0-rc4

Dec 13, 2019 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.18.0-rc3

Dec 13, 2019 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.18.0-rc2

Dec 12, 2019 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.18.0-rc1

Dec 3, 2019 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

v5.18.0-rc.test

Nov 22, 2019 GO-2024-2444GO-2024-2446GO-2024-2448GO-2024-2450GO-2024-2541GO-2024-2566GO-2024-2588GO-2024-2589GO-2024-2590GO-2024-2591GO-2024-2592GO-2024-2593GO-2024-2594GO-2024-2595GO-2024-2635GO-2024-2695GO-2024-2696GO-2024-2706GO-2024-2707

GO-2024-2444: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

GO-2024-2446: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

GO-2024-2448: Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

GO-2024-2450: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

GO-2024-2541: Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

GO-2024-2566: Mattermost fails to check the required permissions in github.com/mattermost/mattermost-server

GO-2024-2588: Mattermost race condition in github.com/mattermost/mattermost-server

GO-2024-2589: Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

GO-2024-2590: Mattermost leaks details of AD/LDAP groups of a teams in github.com/mattermost/mattermost-server

GO-2024-2591: Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

GO-2024-2592: Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

GO-2024-2593: Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

GO-2024-2594: Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server

GO-2024-2595: Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

GO-2024-2635: Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server

GO-2024-2695: Mattermost Server doesn't limit the number of user preferences in github.com/mattermost/mattermost-server

GO-2024-2696: Mattermost fails to authenticate the source of certain types of post actions in github.com/mattermost/mattermost-server

GO-2024-2706: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

GO-2024-2707: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server

Other modules containing this package

github.com/mattermost/mattermost-server

github.com/mattermost/mattermost-server/v6