VYPR
Unrated severityNVD Advisory· Published Feb 21, 2022· Updated Dec 6, 2024

Team Creator's Email Address is disclosed to Team Members via one of the APIs

CVE-2022-0708

Description

Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one of the APIs, which allows authenticated team members to access this information resulting in sensitive & private information disclosure.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Mattermost/Mattermostllm-fuzzy2 versions
    <=6.3.0+ 1 more
    • (no CPE)range: <=6.3.0
    • (no CPE)range: unspecified

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.