7 matches found
CVE-2023-1562
Mattermost fails to check the "Show Full Name" setting when rendering the result for the /plugins/focalboard/api/v2/users API call, allowing an attacker to learn the full name of a board owner...
Design/Logic Flaw
Mattermost fails to properly validate the "Show Full Name" option in a few endpoints in Mattermost Boards, allowing a member to get the full name of another user even if the Show Full Name option was disabled...
Mattermost Security Vulnerabilities
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a security vulnerability that stems from an inability to properly validate the "Show Full Name" option in some endpoints in Mattermost Boards, allowing members to obtain another...
PT-2023-29463 · Unknown · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost affected versions not specified Description: The issue arises from the improper validation of the "Show Full Name" option in certain endpoints within Mattermost Boards. This allows a member to obtain the full name of another user,...
CVE-2023-5160 Full name disclosure via team top membership with Show Full Name option disabled
Mattermost fails to check the Show Full Name option at the /api/v4/teams/TEAMID/top/teammembers endpoint allowing a member to get the full name of another user even if the Show Full Name option was disabled...
Mattermost Security Vulnerabilities
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a security vulnerability that stems from an inability to check the Show Full Name option on the /api/v4/teams/TEAMID/top/TEAMmembers endpoint...
CVE-2023-1562 Full name revealed via /plugins/focalboard/api/v2/users
Mattermost fails to check the "Show Full Name" setting when rendering the result for the /plugins/focalboard/api/v2/users API call, allowing an attacker to learn the full name of a board owner...