Security Advisory

CVE-2023-27265

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-02-27 14:46:23

Last updated 2024-12-06 23:06:38

Assigner Mattermost

State PUBLISHED

Description

Mattermost fails to honor the ShowEmailAddress setting when constructing a response to the "Regenerate Invite Id" API endpoint, allowing an attacker with team admin privileges to learn the team owners email address in the response.

← Browse all CVEs View on cve.org ↗