PT-2026-2974 — Github.Com/Mattermost/Mattermost+4

PT-2026-2974 · Go · Github.Com/Mattermost/Mattermost+4

Published

2026-01-14

Updated

2026-01-14

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Mattermost has missing redirect URL validation in github.com/mattermost/mattermost.

NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.

(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)

The additional affected modules and versions are: github.com/mattermost/mattermost before v10.11.5-0.20251016131338-dad6bd7a1509.

Found an issue in the description? Have something to add? Feel free to write us 👾

Related Identifiers

GO-2025-4248

Github.Com/Mattermost/Mattermost

Github.Com/Mattermost/Mattermost-Server

Github.Com/Mattermost/Mattermost-Server/V5

Github.Com/Mattermost/Mattermost-Server/V6

Github.Com/Mattermost/Mattermost/Server/V8