CVE-2023-45223

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2023-45223

Severity

4.3

Medium

CVSS CVSS_V3

Description

Mattermost fails to properly validate the "Show Full Name" option in a few endpoints in Mattermost Boards, allowing a member to get the full name of another user even if the Show Full Name option was disabled.

References

https://images.chainguard.dev/security/CGA-w36j-4mg9-cw96
https://github.com/advisories/GHSA-p5pr-vm3j-jxxf
https://images.chainguard.dev/security/CGA-whrj-vjqm-xvwr
https://images.chainguard.dev/security/CGA-rm6h-vjp2-82j3
https://images.chainguard.dev/security/CGA-v8f9-7c43-255q
https://images.chainguard.dev/security/CGA-j9q7-hhm7-xf6f
https://images.chainguard.dev/security/CGA-vg35-rm9f-4h9j
https://images.chainguard.dev/security/CGA-qph9-jhh7-458r
https://images.chainguard.dev/security/CGA-3vqp-vcm5-4746
https://images.chainguard.dev/security/CGA-mq32-2g8p-fmp3
https://images.chainguard.dev/security/CGA-f9hj-4j67-r56w
https://images.chainguard.dev/security/CGA-8xh7-rw97-f99f
https://images.chainguard.dev/security/CGA-px44-7585-r97w
https://mattermost.com/security-updates

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Private Policy

CVE-2023-45223

Severity

Description

References

Affected packages

Products

Why Chainguard

Customers

Company

Resources