Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an information disclosure vulnerability that stems from the inability to perform proper authorization in the /plugins/focalboard/api/v2/users endpoint, which can be exploited by an attacker to obtain information (e.g., names, nicknames) about other users via Mattermost Boards, as a guest user and with knowledge of their user IDs.