An issue exists in Mattermost Desktop App prior to 4.2.2. It allows malicious users to execute arbitrary code via a crafted link.
mattermost mattermost desktop