CVE-2023-1562 Information

Description

Mattermost fails to check the \Show Full Name\ setting when rendering the result for the /plugins/focalboard/api/v2/users API call allowing an attacker to learn the full name of a board owner.

Reference

https://mattermost.com/security-updates/