VYPR
Unrated severityNVD Advisory· Published Jan 18, 2022· Updated Dec 6, 2024

Emails of all users are exposed via one of the Boards APIs

CVE-2021-37867

Description

Mattermost Boards plugin v0.10.0 and earlier fails to protect email addresses of all users via one of the Boards APIs, which allows authenticated and unauthorized users to access this information resulting in sensitive & private information disclosure.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.