3 matches found
CVE-2023-1562 Full name revealed via /plugins/focalboard/api/v2/users
Mattermost fails to check the "Show Full Name" setting when rendering the result for the /plugins/focalboard/api/v2/users API call, allowing an attacker to learn the full name of a board owner...
PT-2023-17078 · Unknown · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost affected versions not specified Description: The issue allows an attacker to learn the full name of a board owner due to Mattermost failing to check the "Show Full Name" setting when rendering the result for the...
Agile board "Add Status" button is not available unless you are member of jira-administrators
As a project administrator or board owner I need to be able to be able to add/remove Statused by using the "Add Status" button from the board Configuration window. Currently this button does appear only for jira-administrators...