Unrated severityNVD Advisory· Published Mar 22, 2023· Updated Dec 6, 2024
Full name revealed via /plugins/focalboard/api/v2/users
CVE-2023-1562
Description
Mattermost fails to check the "Show Full Name" setting when rendering the result for the /plugins/focalboard/api/v2/users API call, allowing an attacker to learn the full name of a board owner.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3(expand)+ 1 more
- (no CPE)
- (no CPE)range: 7.4.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.