2 matches found
CVE-2021-37867
Mattermost Boards plugin v0.10.0 and earlier is affected by an information-disclosure vulnerability. The root cause is a failure to protect all users’ email addresses via one of the Boards APIs, allowing authenticated and unauthorized users to access sensitive personal data. Affected component: M...
CVE-2021-37867 Emails of all users are exposed via one of the Boards APIs
Mattermost Boards plugin v0.10.0 and earlier fails to protect email addresses of all users via one of the Boards APIs, which allows authenticated and unauthorized users to access this information resulting in sensitive & private information disclosure...