Lucene search
+L

9 matches found

RedhatCVE
RedhatCVE
added 2025/12/31 4:9 p.m.20 views

CVE-2025-64528

Discourse is an open source discussion platform. Prior to versions 3.5.3, 2025.11.1, and 2025.12.0, an attacker who knows part of a username can find the user and their full name via UI or API, even when enablenames is disabled. Versions 3.5.3, 2025.11.1, and 2025.12.0 contain a fix...

6.3CVSS6.8AI score0.00242EPSS
Exploits0References1
CVE
CVE
added 2025/12/30 4:4 p.m.15 views

CVE-2025-64528

CVE-2025-64528 affects Discourse prior to versions 3.5.3, 2025.11.1, and 2025.12.0. An attacker who knows part of a username can discover the user and their full name via UI or API, even when enable_names is disabled. The issue is confirmed across multiple sources (NVD, Red Hat, OSV, OpenVAS, etc...

6.3CVSS6.4AI score0.00242EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-57497

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.0036EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-23796

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00464EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:2 a.m.10 views

CVE-2023-45223

Mattermost fails to properly validate the "Show Full Name" option in a few endpoints in Mattermost Boards, allowing a member to get the full name of another user even if the Show Full Name option was disabled...

4.3CVSS4.5AI score0.00506EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/11/27 12:0 a.m.5 views

Mattermost Security Vulnerabilities

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a security vulnerability that stems from an inability to properly validate the "Show Full Name" option in some endpoints in Mattermost Boards, allowing members to obtain another...

4.3CVSS6.6AI score0.00506EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/03/22 10:16 a.m.9 views

CVE-2023-1562 Full name revealed via /plugins/focalboard/api/v2/users

Mattermost fails to check the "Show Full Name" setting when rendering the result for the /plugins/focalboard/api/v2/users API call, allowing an attacker to learn the full name of a board owner...

3.5CVSS6.8AI score0.00464EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/03/15 12:0 a.m.7 views

Moodle 信息泄露漏洞

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. There is a security vulnerability in moodle that stems from viewing the full name of another user without permission via the online use...

5.3CVSS5.5AI score0.01307EPSS
Exploits0References7
Hacker One
Hacker One
added 2017/09/25 9:45 p.m.26 views

New Relic: Bypass of my two other reports #267636 + #255894 - (IDOR) Ability to see full name associated with other New Relic accounts

@jonbottarini discovered an issue where names associated with arbitrary existing email addresses can be revealed in the Alerts Notification Channel UI. As with similar previously-reported issues, this was resolved by obfuscating that information before it's presented...

6.8AI score
Exploits0
Rows per page
Query Builder