VYPR
Moderate severityNVD Advisory· Published Nov 27, 2023· Updated Aug 2, 2024

Users full name disclosure through Mattermost Boards with Show Full Name Option disabled

CVE-2023-45223

Description

Mattermost fails to properly validate the "Show Full Name" option in a few endpoints in Mattermost Boards, allowing a member to get the full name of another user even if the Show Full Name option was disabled.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/mattermost/mattermost/server/v8Go
< 8.1.48.1.4
github.com/mattermost/mattermost-server/v6Go
< 7.8.137.8.13

Affected products

41

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.