Mattermost icon Mattermost HackerOne

Target Policy
https://hackerone.com/mattermost?type=team
Structured Scope
  • Asset Identifier
    Asset Type
    Max Severity
  • mattermost/mattermost-plugin-aws-SNS

    Source Code: https://github.com/mattermost/mattermost-plugin-aws-SNS
    Documentation and setup instructions are available in the README of the repository.
    General documentation: https://docs.mattermost.com

    SOURCE_CODE
    critical
  • mattermost/mattermost-plugin-github

    Source Code: https://github.com/mattermost/mattermost-plugin-github
    Documentation and setup instructions are available in the README of the repository.
    General documentation: https://docs.mattermost.com

    SOURCE_CODE
    critical
  • mattermost/mattermost-plugin-autolink

    Source Code: https://github.com/mattermost/mattermost-plugin-autolink
    Documentation and setup instructions are available in the README of the repository.
    General documentation: https://docs.mattermost.com

    SOURCE_CODE
    critical
  • mattermost/desktop

    Binary downloads available: https://mattermost.com/download/ or https://github.com/mattermost/desktop/releases
    Source Code: https://github.com/mattermost/desktop
    Developer setup instructions: https://developers.mattermost.com/contribute/desktop/developer-setup/
    General documentation: https://docs.mattermost.com

    SOURCE_CODE
    critical
  • mattermost/mattermost-plugin-playbooks

    Source Code: https://github.com/mattermost/mattermost-plugin-playbooks
    Documentation and setup instructions are available in the README of the repository.
    General documentation: https://docs.mattermost.com/guides/playbooks.html

    SOURCE_CODE
    critical
  • mattermost/mattermost-push-proxy

    Source Code: https://github.com/mattermost/mattermost-push-proxy
    Documentation and setup instructions are available in the README of the repository.
    General documentation: https://docs.mattermost.com

    SOURCE_CODE
    critical
  • mattermost/mattermost-redux

    Shared redux code between our web app and mobile app.
    Source Code: https://github.com/mattermost/mattermost-redux
    General documentation: https://docs.mattermost.com

    SOURCE_CODE
    critical
  • *.test.mattermost.cloud

    **Note**: New workspace signups are paused for the time being. Please refrain from creating new workspaces and be aware that old workspaces may be deleted at our discretion as we free up resources.

    URL
    critical
  • mattermost/mattermost-plugin-jira

    Source Code: https://github.com/mattermost/mattermost-plugin-jira
    Documentation and setup instructions are available in the README of the repository.
    General documentation: https://docs.mattermost.com

    SOURCE_CODE
    critical
  • *.mattermost.com
    WILDCARD
    medium
  • mattermost/mattermost-plugin-custom-attributes

    Source Code: mattermost/mattermost-plugin-custom-attributes
    Documentation and setup instructions are available in the README of the repository.
    General documentation: https://docs.mattermost.com

    SOURCE_CODE
    critical
  • mattermost/mattermost-mobile

    Binary downloads available
    - IOS: https://itunes.apple.com/us/app/mattermost/id1257222717
    - Android: https://play.google.com/store/apps/details?id=com.mattermost.rn
    - APK and IMA: https://github.com/mattermost/mattermost-mobile/releases

    Source Code: https://github.com/mattermost/mattermost-mobile
    Developer setup instructions: https://developers.mattermost.com/contribute/mobile/developer-setup/
    General documentation: https://docs.mattermost.com

    SOURCE_CODE
    critical
  • mattermost/mattermost-webapp

    Binary downloads available: https://mattermost.com/download/
    Source Code: https://github.com/mattermost/mattermost-webapp
    Developer setup instructions: https://developers.mattermost.com/contribute/webapp/developer-setup/
    General documentation: https://docs.mattermost.com

    SOURCE_CODE
    critical
  • mattermost/mattermost-plugin-zoom

    Source Code: https://github.com/mattermost/mattermost-plugin-zoom
    Documentation and setup instructions are available in the README of the repository.
    General documentation: https://docs.mattermost.com

    SOURCE_CODE
    critical
  • mattermost/mattermost-server

    Binary downloads available: https://mattermost.com/download/
    Source Code: https://github.com/mattermost/mattermost-server
    Developer setup instructions: https://developers.mattermost.com/contribute/server/developer-setup/
    Server setup instructions: https://docs.mattermost.com/guides/administrator.html
    General documentation: https://docs.mattermost.com

    SOURCE_CODE
    critical
  • mattermost/mattermost-plugin-welcomebot

    Source Code: https://github.com/mattermost/mattermost-plugin-welcomebot
    Documentation and setup instructions are available in the README of the repository.
    General documentation: https://docs.mattermost.com

    SOURCE_CODE
    critical
  • 978516833

    Latest IPA can be downloaded from here:
    https://github.com/mattermost/mattermost-mobile/releases

    APPLE_STORE_APP_ID
    critical
  • http://h1-*your-own-instance*.cloud.mattermost.com

    Create your own free instance by signing up at https://customers.mattermost.com/cloud/signup

    ## Important Notes
    - Remember to prefix your instance name with `h1-` so that it’s easily identifiable.
    - Please use your own cloud instance for testing.
    - Never use any other cloud instances.
    - Please adhere to the Program Rules as mentioned in our Program Policy.

    WILDCARD
    critical
  • Mattermost Plugins

    - [Jira Plugin](https://github.com/mattermost/mattermost-plugin-jira)
    - [Zoom Plugin](https://github.com/mattermost/mattermost-plugin-zoom)
    - [GitHub Plugin](https://github.com/mattermost/mattermost-plugin-github)
    - [GitLab Plugin](https://github.com/mattermost/mattermost-plugin-gitlab)
    - [Calls Plugin](https://github.com/mattermost/mattermost-plugin-calls)
    - [Playbooks Plugin](https://github.com/mattermost/mattermost-plugin-playbooks)

    Documentation and setup instructions are available in the README of the repository. General documentation: https://docs.mattermost.com

    SOURCE_CODE
    critical
  • com.mattermost.rn

    The latest APK can be downloaded from here:
    https://github.com/mattermost/mattermost-mobile/releases

    The public beta release containing the latest features is also in scope and can be accessed on the Play Store under the identifier [com.mattermost.rnbeta](https://play.google.com/store/apps/details?id=com.mattermost.rnbeta)

    GOOGLE_PLAY_APP_ID
    critical
  • about.mattermost.com

    We don't accept reports for our website here.

    URL
    none
  • customers.mattermost.com
    URL
    critical
  • Mattermost Source Code

    [Server](https://github.com/mattermost/mattermost-server) | [Webapp](https://github.com/mattermost/mattermost-webapp) | [Mobile](https://github.com/mattermost/mattermost-mobile)

    ### Deploy your self-hosted Mattermost instance
    [via Docker](https://mattermost.com/deploy/) | [via Tar](https://docs.mattermost.com/install/install-tar.html)

    Detailed setup instructions for individual components are available here:
    [Server](https://developers.mattermost.com/contribute/server/developer-setup/) | [Webapp](https://developers.mattermost.com/contribute/webapp/developer-setup/) | [Mobile](https://developers.mattermost.com/contribute/mobile/developer-setup/)

    SOURCE_CODE
    critical
  • docs.mattermost.com

    We don't accept reports for our website here.

    URL
    none
  • h1-*your-own-instance*.cloud.mattermost.com

    Create your own free instance by signing up at https://customers.mattermost.com/cloud/signup

    ## Important Notes
    - Remember to prefix your instance name with `h1-` so that it’s easily identifiable.
    - Please use your own cloud instance for testing.
    - Never use any other cloud instances.
    - Please adhere to the Program Rules as mentioned in our Program Policy.

    WILDCARD
    critical
  • integrations.mattermost.com

    We don't accept reports for our website here.

    URL
    none
  • Other publicly-released plugins

    This asset is for plugins that Mattermost doesn't officially support.

    As informational only, we accept reports about important security issues with community plugins. Mattermost will handle contacting the plugin author and will provide guidance for the community member to implement a fix.

    SOURCE_CODE
    critical
  • mattermost.(com/org)

    We don't accept reports for our website here.

    OTHER
    none
  • Mattermost Desktop

    The [Mattermost Desktop App](https://developers.mattermost.com/contribute/desktop/) is an Electron wrapper around the web app project. The source code is available in [GitHub](https://github.com/mattermost/desktop). The desktop app runs on Windows, Linux, and macOS.

    [Installation instructions available here](https://docs.mattermost.com/install/desktop-app-install.html)

    DOWNLOADABLE_EXECUTABLES
    critical
Target Scope Domains
  • customers.mattermost.com
  • h1-your-own-instancecloud.mattermost.com
  • h1-your-own-instancecloud.mattermost.com
  • mattermost.com
  • test.mattermost.cloud
Tech Stack
Last Finished Scan:
Scan Name
Fleet
Finished
State
auto-gausubs-2-kxss
allkxss
1 year, 1 month ago
Finished
auto-gausubs-2-kxss
  • Fleet: allkxss
  • Duration: 17.82 Minutes
  • Finished: 1 year, 1 month ago