Описание
Mattermost Exposure of Sensitive Information to an Unauthorized Actor vulnerability
Mattermost fails to properly validate the "Show Full Name" option in a few endpoints in Mattermost Boards, allowing a member to get the full name of another user even if the Show Full Name option was disabled.
Пакеты
Наименование
github.com/mattermost/mattermost/server/v8
go
Затронутые версииВерсия исправления
< 8.1.4
8.1.4
Наименование
github.com/mattermost/mattermost-server/v6
go
Затронутые версииВерсия исправления
< 7.8.13
7.8.13
Связанные уязвимости
CVSS3: 4.3
nvd
больше 1 года назад
Mattermost fails to properly validate the "Show Full Name" option in a few endpoints in Mattermost Boards, allowing a member to get the full name of another user even if the Show Full Name option was disabled.
CVSS3: 4.3
debian
больше 1 года назад
Mattermost fails to properly validate the "Show Full Name" option in a ...